last executing test programs:

57.56608492s ago: executing program 1 (id=2391):
bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300001e880000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x4)
sendmsg$IPVS_CMD_SET_INFO(r2, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000340)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r3, @ANYBLOB="01000000020000001c0012000c000100626f6e64000000000c0002000800010005"], 0x3c}}, 0x24004090)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@newlink={0x4c, 0x10, 0xffffff1f, 0x0, 0x80, {0x0, 0x0, 0x0, 0x0, 0x0, 0x3f00}, [@IFLA_MASTER={0x8, 0xa, r3}, @IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_FILTERING={0x5, 0x7, 0x6}, @IFLA_BR_VLAN_DEFAULT_PVID={0x6}]}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x2000c0c1}, 0x40000)

57.504675574s ago: executing program 1 (id=2393):
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x300000d, 0x42032, 0xffffffffffffffff, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0xc, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x39, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r1 = timerfd_create(0x8, 0x80800)
timerfd_gettime(r1, &(0x7f0000000180))
mremap(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1000, 0x0, &(0x7f00008b5000/0x1000)=nil)

57.467538687s ago: executing program 1 (id=2395):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x50, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
unshare(0x28000600)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
close(0x3)
recvmmsg(r2, &(0x7f0000001140)=[{{0x0, 0x0, 0x0}}], 0x700, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r1}, 0x10)
unshare(0x60000600)

56.612535033s ago: executing program 1 (id=2422):
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x3800480, &(0x7f0000002200), 0x45, 0x786, &(0x7f00000007c0)="$eJzs3d9rW2UfAPDvSX93e9/2hRd0XhUELYyldtZNwYuJFyI4GOi1W0mzMps2o0nHWgpuiOCNoOKFoDe79se889Yft/pfeCEbU7vhxAupnDRZszXpkq1J5vb5wGme5zwnfZ5vnnOe8yTnkATwyJpI/2QiDkTEB0nEWHV9EhEDlVR/xLGt7W5urOfSJYnNzdd/Syrb3NhYz0Xdc1L7qpnHI+L7dyMOZnbWW1pdW5gtFPLL1fxUefHsVGl17dCZxdn5/Hx+6cj0zMzho88dPbJ3sf7x09r+qx++8vRXx/5657HL7/+QxLHYXy2rj2OvTMRE9TUZSF/C27y815X1WLJ7cYM9gAdB2jF9W0d5HIix6KukmhjpZssAgE55OyI2m+lrWgIA/Kslzc//AMBDqfY5wI2N9Vxt6e0nEt117aWIGN6Kv3Z9c6ukv3rNbrhyHXT0RnLblZEkIsb3oP6JiPjsmze/SJfo0HVIgEYuXIyIU+MTO8f/ZMc9C+16poVtJu7IG/+ge75N5z/PN5r/ZW7Nf6LB/GeowbF7L+5+/Geu7EE1TaXzvxfr7m27WRd/1XhfNfefypxvIDl9ppBPx7b/RsRkDAyl+eld6pi8/vf1ZmX187/fP3rr87T+9HF7i8yV/qHbnzM3W569n5jrXbsY8UR/o/iTW/2fNJn/nmixjldfeO/TZmVp/Gm8tWVn/J21eSniqYb9v31HW7Lr/YlTld1hqrZTNPD1z5+MNqu/vv/TJa2/9l6gG9L+H909/vGk/n7NUvt1/Hhp7LtmZXePv/H+P5i8UUkPVtedny2Xl6cjBpPXdq4/vP3cWr62fRr/5JONj//d9v/0PeGpFuPvv/rrl/cef2el8c+11f/tJy7fXOhrVn9r/T9TSU1W17Qy/rXawPt57QAAAAAAAAAAAAAAAAAAAAAAAACgVZmI2B9JJnsrnclks1u/4f3/GM0UiqXywdPFlaW5qPxW9ngMZGpfdTlW932o09Xvw6/lD9+RfzYi/hcRHw+NVPLZXLEw1+vgAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBqX5Pf/0/9MtTr1gEAHTPc1+sWAADdNtzf6xYAAN023NbWIx1rBwDQPe2d/wGAh4HzPwA8epz/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6LATx4+ny+afG+u5ND93bnVloXju0Fy+tJBdXMllc8Xls9n5YnG+kM/miotN/9GFrYdCsXh2JpZWzk+V86XyVGl17eRicWWpfPLM4ux8/mR+oGuRAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDrSqtrC7OFQn5ZQkKi7URc2DqOHpT27F0iBrdHiZGejU8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD7p/AgAA//+mAybn")
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000840)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000400007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace$setregs(0xd, r0, 0x930, &(0x7f0000000800))
ptrace$poke(0x21, r0, 0x0, 0x0)

56.471569121s ago: executing program 1 (id=2427):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x50)
r0 = socket(0x2a, 0x2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000080)={'batadv0\x00', <r2=>0x0})
sendto$packet(r1, &(0x7f0000000240)="f2435f0100088000000000850800", 0xe, 0x0, &(0x7f0000000200)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @link_local}, 0x14)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000080)=ANY=[@ANYBLOB="3c00000013000100000000000000000000000002", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=r2, @ANYBLOB="1400350064756d6d7930"], 0x3c}}, 0x0)
ioctl$SIOCSIFMTU(r0, 0x8922, &(0x7f0000000080)={'dummy0\x00'})

56.254094316s ago: executing program 1 (id=2429):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x4000000)
sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)={{0x14}, [@NFT_MSG_NEWSET={0x3c, 0x12, 0xa, 0x201, 0x0, 0x0, {0x2}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x8}]}], {0x14}}, 0x64}, 0x1, 0x0, 0x0, 0x890}, 0x0)
socket(0x400000000010, 0x3, 0x0)
keyctl$restrict_keyring(0x1d, 0x0, &(0x7f00000002c0)='rxrpc_s\x00', &(0x7f0000000300)='\x00')
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x28, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000140)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
time(0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
bpf$MAP_CREATE(0x600000000000000, &(0x7f0000000580)=ANY=[], 0x48)

56.250834566s ago: executing program 32 (id=2429):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x4000000)
sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)={{0x14}, [@NFT_MSG_NEWSET={0x3c, 0x12, 0xa, 0x201, 0x0, 0x0, {0x2}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x8}]}], {0x14}}, 0x64}, 0x1, 0x0, 0x0, 0x890}, 0x0)
socket(0x400000000010, 0x3, 0x0)
keyctl$restrict_keyring(0x1d, 0x0, &(0x7f00000002c0)='rxrpc_s\x00', &(0x7f0000000300)='\x00')
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x28, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000140)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
time(0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
bpf$MAP_CREATE(0x600000000000000, &(0x7f0000000580)=ANY=[], 0x48)

55.102125852s ago: executing program 4 (id=2452):
syz_open_procfs$namespace(0x0, &(0x7f00000000c0)='ns/net\x00')
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xb, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000180000002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000004c0)={r0, 0x3, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x44)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0))
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f00000004c0)={'syzkaller0\x00', @link_local})
write$cgroup_subtree(r1, &(0x7f0000000380)=ANY=[], 0xe)

54.896304025s ago: executing program 4 (id=2455):
socket$phonet_pipe(0x23, 0x5, 0x2)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff9000/0x2000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ff1000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
r0 = io_uring_setup(0x1b7b, &(0x7f0000000040)={0x0, 0x362, 0xc000, 0x7, 0x337})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000093c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@deltfilter={0x24, 0x2d, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {}, {0x0, 0xffff}}}, 0x24}}, 0x0)
socket(0x2000000000000021, 0x2, 0x10000000000002)
r1 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000300)=0x8)
sendmsg(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000000)='9', 0x1}], 0x1, 0x0, 0x0, 0x2c}, 0x4000845)
io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0)

54.853021648s ago: executing program 4 (id=2457):
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x20000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x40088d1, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000a70000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='percpu_alloc_percpu\x00', r2}, 0x10)
syz_io_uring_setup(0x111, &(0x7f0000000340)={0x0, 0x0, 0x2, 0x4}, 0x0, 0x0)

53.791410228s ago: executing program 4 (id=2478):
fcntl$addseals(0xffffffffffffffff, 0x409, 0x8)
sched_setscheduler(0x0, 0x1, 0x0)
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc000, &(0x7f00000006c0), 0x2, 0x246, &(0x7f0000000e40)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M")
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x8042, 0x0)
open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x3, 0x1c, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171cdea3e9b48b00", "f28359738e229a4c6681b4a2988e00d300e6c202000000000000000000000001", [0x204, 0x5]})
truncate(&(0x7f00000001c0)='./file1\x00', 0x200)
syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)

53.484143078s ago: executing program 4 (id=2481):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x47f2, 0x1})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
setsockopt$inet_mreq(0xffffffffffffffff, 0x0, 0x24, 0x0, 0x0)
timer_settime(r0, 0x1, &(0x7f0000000040)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x2)
r1 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
write$UHID_CREATE2(r1, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000073797a31000000dfff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a30000037b35f0a000089b4c45a10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0x119)
r2 = syz_open_dev$hidraw(&(0x7f0000000000), 0x0, 0x81)
ioctl$HIDIOCSFEATURE(r2, 0xc0404806, &(0x7f0000000040))

52.837967021s ago: executing program 4 (id=2483):
bind$inet(0xffffffffffffffff, 0x0, 0x0)
syz_emit_ethernet(0x3e, &(0x7f0000000000)={@link_local={0x3}, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x4, 0x0, 0x12, 0x0, 0x3f18, {0x5, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @multicast1, @loopback}}}}}}, 0x0)
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x0)
getsockname$packet(r0, &(0x7f0000000380)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_open_dev$sg(0x0, 0x3, 0x10000)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r1, &(0x7f0000000100)={0x0, 0x2800, &(0x7f0000000080)={&(0x7f00000001c0)={0x54, r2, 0x1, 0x0, 0x0, {0x3}, [@TIPC_NLA_BEARER={0x40, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xf}}}, {0x14, 0x2, @in={0x2, 0x0, @broadcast}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x54}}, 0x0)
sendmsg$TIPC_NL_BEARER_SET(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100280000000000000002000000200001800d0001007564703a73797a32"], 0x34}}, 0x0)

52.774229984s ago: executing program 33 (id=2483):
bind$inet(0xffffffffffffffff, 0x0, 0x0)
syz_emit_ethernet(0x3e, &(0x7f0000000000)={@link_local={0x3}, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x4, 0x0, 0x12, 0x0, 0x3f18, {0x5, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @multicast1, @loopback}}}}}}, 0x0)
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x0)
getsockname$packet(r0, &(0x7f0000000380)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_open_dev$sg(0x0, 0x3, 0x10000)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r1, &(0x7f0000000100)={0x0, 0x2800, &(0x7f0000000080)={&(0x7f00000001c0)={0x54, r2, 0x1, 0x0, 0x0, {0x3}, [@TIPC_NLA_BEARER={0x40, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xf}}}, {0x14, 0x2, @in={0x2, 0x0, @broadcast}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x54}}, 0x0)
sendmsg$TIPC_NL_BEARER_SET(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100280000000000000002000000200001800d0001007564703a73797a32"], 0x34}}, 0x0)

30.418637582s ago: executing program 3 (id=2910):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x6, 0x0, 0x0, 0x40f00, 0x20}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000180)='kfree\x00', r0, 0x0, 0x2000000000}, 0x18)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
r1 = io_uring_setup(0x423a, &(0x7f0000000000)={0x0, 0x6087, 0x40})
io_uring_register$IORING_REGISTER_RESTRICTIONS(r1, 0xb, &(0x7f00000004c0), 0x0)
io_uring_register$IORING_REGISTER_ENABLE_RINGS(r1, 0xc, 0x0, 0x0)
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r1, 0x13, &(0x7f0000000100)=[0x7, 0x6], 0x2)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x600, 0x0)

30.31515597s ago: executing program 3 (id=2905):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0xff, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000007750000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

30.274490592s ago: executing program 3 (id=2906):
r0 = socket$rds(0x15, 0x5, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r2 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$qrtrtun(r1, &(0x7f0000000300)="ca0e808bb35bdabb", 0x8)
mremap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2000, 0x7, &(0x7f0000fff000/0x1000)=nil)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r3, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)=[0x7], &(0x7f0000000240), 0x0, 0x1}}, 0x3c)
close_range(r0, 0xffffffffffffffff, 0x0)

30.236785924s ago: executing program 3 (id=2907):
syz_open_dev$usbfs(0x0, 0x77, 0x101301)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000040)='./file2\x00', 0x1000052, &(0x7f0000000240)=ANY=[], 0xf5, 0x1219, &(0x7f0000002100)="$eJzs3E9rHGUcB/Bf1o1JU/NHrdX2oA948TQ0OXgSJEgKkgWlNkIrCFOz0SVjNmRCYEWsnrz2dXj2JvgOcvE1eMvFYw/iSGYam223VMHdFfv5HDI/nuf55pln2F2YZZ49eefel7s7ZbaTH0ZrZiZa+xHpfooUrTjz+mZzvHV7c73T2biR0vX1m6tvp5SW3vj5k6/nIuLixz8u/TQXxyufnvy29uvx5eMrJ3/c/KJXpl6ZVvqHKU93+v3D/E7RTdu9cjdL6cOim5fd1NsruwdD/TtFf39/kPK97cWF/YNuWaZ8b5B27+UR/XR4MEj553lvL2VZlhYXgieaffqQrR/uV1UVUVWz8XxUVVVdiIW4GC/EYizFtxHxYrwUL8eleCUux6vxWlypR03i9AEAAAAAAAAAAAAAAAAAAODZcX7/f0QM7f9fjhX7/wEAAAAAAAAAAAAAAAAAAGACPrp1e3O909m4kdJ8RPH90dbRVnNs+td3ohdFdONaLMfvUe/+bzT19fc7G9dSbSW+K+4+yN892nquyZ/+Oc2v1j8n8CDfrvvO8qtNPg3n52Lh/PxrsRyXRs+/NjI/H2+9eS6fxXL88ln0o4jteu6H+W9WU3rvg84j+av1OAAAAPg/yNJfRt6/Z9mT+pv83/5+oB2P3F+342p7umsnohx8tZu3iu5BXRRnxfxjLWMrZiNiUnONq5gbbmmNaa7WUy7UzLgW2P6PXGfF48Xpu/jf+D8XYrhl2p9MTMLDl8G0zwQAAAAAAAAAAIB/YszPJ7ZjxJNl705nqQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJ/swLEAAAAAgDB/6zQ6NgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGCoAAP//I6LAUA==")
r0 = creat(&(0x7f00000001c0)='./bus\x00', 0x40)
io_setup(0x9, &(0x7f0000000300)=<r1=>0x0)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
socket$nl_rdma(0x10, 0x3, 0x14)
io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0xe7030003, 0x2, 0x1, 0x0, r0, &(0x7f0000000000), 0x100000}])
r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r2, 0x4c04, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x1, 0x0, 0x0, 0x1, 0x0, "ef35af413bb901527fe4d0ce5d29c3ee5e5c3676345a41499db7aac63a01000000000000004faa2ae2c084a0ea0000000000000000000c00002000", "036c47c67808200400000000000000335263bdbcef549ba197fce47ddfdd753abd950100002a00ffffffffffffffff00000000e8f20000000200", "b7326736181c208220000000b9000000000000000000f0fffffffff2ff00", [0x4]})
close(0xffffffffffffffff)

29.8508902s ago: executing program 3 (id=2918):
r0 = socket(0x2, 0x80805, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r1, 0x0)
close(r0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000200)={<r2=>0x0, 0x1c, &(0x7f0000000240)=[@in6={0xa, 0x4e21, 0x383, @dev={0xfe, 0x80, '\x00', 0x3c}, 0x4}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x7a, &(0x7f0000000340)={r2, @in6={{0xa, 0x3, 0x4, @mcast1}}}, &(0x7f0000000040)=0x84)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x1000000000021, &(0x7f0000000180)=0x1, 0x23)
sendmmsg$inet_sctp(r0, &(0x7f00000032c0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="30000000000000008400000001000000000000017c"], 0x30}], 0x1, 0x0)
mprotect(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x1)
setsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000180)=@assoc_value={r2, 0x2}, 0x8)

29.673461052s ago: executing program 3 (id=2919):
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_RECVMSG={0xa, 0x34, 0x3, 0xffffffffffffffff, 0x0, &(0x7f00000010c0)={0x0, 0x0, &(0x7f0000000240)=[{0x0}], 0x1}, 0x0, 0x40000000, 0x1})
r0 = syz_io_uring_setup(0x3544, &(0x7f0000000680)={0x0, 0x59c4, 0x8, 0x1000, 0x5cc}, &(0x7f0000000300)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x208, 0xd9}, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00'}, 0x18)
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f0000000740)=[{&(0x7f00000003c0)=""/201, 0xc9}], 0x1)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f00000000c0)={0x1, &(0x7f0000000200)=[{0x30, 0x4, 0x0, 0x2}]}, 0xffffffffffffff0e)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_ACCEPT={0xd, 0xc, 0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x81800, 0x1})
io_uring_enter(r0, 0x749f, 0x4, 0x0, 0x0, 0xfffffffffffffef5)

29.646773453s ago: executing program 34 (id=2919):
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_RECVMSG={0xa, 0x34, 0x3, 0xffffffffffffffff, 0x0, &(0x7f00000010c0)={0x0, 0x0, &(0x7f0000000240)=[{0x0}], 0x1}, 0x0, 0x40000000, 0x1})
r0 = syz_io_uring_setup(0x3544, &(0x7f0000000680)={0x0, 0x59c4, 0x8, 0x1000, 0x5cc}, &(0x7f0000000300)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x208, 0xd9}, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00'}, 0x18)
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f0000000740)=[{&(0x7f00000003c0)=""/201, 0xc9}], 0x1)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f00000000c0)={0x1, &(0x7f0000000200)=[{0x30, 0x4, 0x0, 0x2}]}, 0xffffffffffffff0e)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_ACCEPT={0xd, 0xc, 0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x81800, 0x1})
io_uring_enter(r0, 0x749f, 0x4, 0x0, 0x0, 0xfffffffffffffef5)

1.861778808s ago: executing program 5 (id=3499):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x103, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc, 0xb95b5ec032cc8e84}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sysctl=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x18, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='rss_stat\x00', r2}, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='pids.current\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x12, r3, 0x0)
ftruncate(r3, 0xc17a)
io_setup(0x200, &(0x7f0000000140))

1.842723408s ago: executing program 6 (id=3500):
r0 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r0, 0x107, 0xf, &(0x7f0000000000), 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r1, 0x0, 0x3}, 0x18)
r2 = gettid()
r3 = socket(0x40000000015, 0x5, 0x0)
recvmmsg(r3, &(0x7f0000003c40)=[{{0x0, 0x0, 0x0}, 0x80000000}], 0x1, 0x60010002, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000000300))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
sendmsg$kcm(r0, &(0x7f0000000080)={&(0x7f0000000100)=@ieee802154={0x24, @long={0x3, 0x1}}, 0x80, 0x0}, 0x20008010)

1.81543861s ago: executing program 0 (id=3501):
arch_prctl$ARCH_REQ_XCOMP_GUEST_PERM(0x1025, 0x5)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='kmem_cache_free\x00', r1, 0x0, 0x10007ffffffff}, 0x18)
socket$packet(0x11, 0xa, 0x300)
socket$packet(0x11, 0xa, 0x300)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f00000002c0)='syzkaller\x00'}, 0x80)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x560b0000, &(0x7f0000000000)="259a53f271a76d2688ca4c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)

1.783684403s ago: executing program 5 (id=3504):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000580)='./file1\x00', 0x800040, &(0x7f0000000340), 0x1, 0x5a3, &(0x7f00000005c0)="$eJzs3U9oHPUeAPDvzGZf/+U1ffAevPfooahQoXST9I9WT+1VLBR6KHipYbMNIZtsyG60CTmk9yL2ICq91JsePCoePIgXwYtXL4pnodig0PSgK/svbZPduKlJN81+PjDZ+c1vdr+/38x+J78ZZtgA+tax2p804n8RcSmJGHqkbiCalcca662uLOUfrCzlk6hWL/+SRBIR91eW8q31k+broYhYjoj/RsTX2YgT6ca45YXFqbFisTDXLA9XpmeHywuLJyenxyYKE4WZ0y+/cvbcmbOjp0Y7Nz67tb7e/PHWOze/e+3OrU8+Pbqcf28sifMx2Kx7tB/bqbFNsnF+3fIzOxGsh5JeN4AnkmnmeS2V/hNDkWlmfTvVoafaNGCHVfdFVLciWd7S6sBulmwt/4E9ozUOqJ3/tqbHBgiZDgOHfdsz/rh7oXECUou72pwaNQONaxOxv35ucvDX5LEzk9r55pHtaQJ9bPlGRIwMDGz8/ifN79+TG9mOBrKjvrrQ2FEb93+6dvyJNsefwda107+pdfxb3XD8exg/0+H4d6nLGL+/8dOHHePfiPh/2/jJWvykTfw0It7sMv7tK1+c61RX/SjieLSP35Jsfn14+NpksTDS+Ns2xpfHj766Wf8PdojfuGa7v/5vpt32n+2y/59/89lzy5vEf/H5zfd/u+1/ICLe7TL+v+5//Hqnurs3knu1UcBW939t2Z0u4790/tgPHaoOdPkRAAAAAAAAAABAG2n9XrYkza3Np2ku13iG999xMC2WypUT10rzM+ONe96ORDZt3Wk11CgntfJo837cVvnUuvLp1n3EmQP1ci5fKo73uO8AAAAAAAAAAAAAAAAAAACwWxxa9/z/b5n68//rf64a2Ks6/+Q3sNfJf+hfj+d/sm0/7gvsfo/k/4NetgN46qrG/9C/5D/0L/kP/Uv+Q/+S/9C/5D/0L/kPAAAAAAAAAAAAAAAAAAAAAAAAAAA74tLFi7Wp+mBlKV8rjw8szE+V3jo5XihP5abn87l8aW42N1EqTRQLuXxp+q8+r1gqzY7EzPz14UqhXBkuLyxenS7Nz1SuTk6PTRSuFrJPpVcAAAAAAAAAAAAAAAAAAADwbBmsT0mai4i0Pp+muVzEPyPiSGSTa5PFwkhEHI6I7zPZfbXyaK8bDQAAAAAAAAAAAAAAAAAAAHtMeWFxaqxYLMz1yczAhiXfdl45Ipa3txm1T9zyu7LNfbVbtuGzNnN483Uy0fMW7saZHh+YAAAAAAAAAAAAAAAAAACgDz186Lfbd/yxsw0CAAAAAAAAAAAAAAAAAACAvpT+nEREbTo+9MLg+tp/JKuZ+mtEvH378vvXxyqVudHa8ntryysfNJef6i7ilW3vA9CNVp628hgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4qLywODVWLBbmdnCm130EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBJ/BgAA//9UNdg0")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={r1, &(0x7f00000001c0)="c5c9e33e820856bffae849c4b26778d773d98ba6c30be055b0989e4081000000000000004deb9018c5d4f342cae188f86b631cc8", &(0x7f0000000280)=@tcp6=r0}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0xd, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x3, 0x3, 0x9, 0x1, 0xb0}]}, &(0x7f0000000080)='syzkaller\x00'}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
r2 = socket$caif_stream(0x25, 0x1, 0x0)
sendmmsg$inet(r2, &(0x7f0000000040)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000000)="92", 0x1}], 0x1}, 0x1000000}], 0x2, 0x0)
pwrite64(r0, &(0x7f0000000180)="f7", 0x1, 0x200980)

1.609351504s ago: executing program 5 (id=3506):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r0, 0x0, 0x1}, 0x18)
execveat(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x313db45c255d8e4a)
unshare(0x6a040000)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x201, 0x0, 0x0, {0x1}}, @NFT_MSG_DELFLOWTABLE={0x28, 0x16, 0xa, 0x101, 0xb00, 0x0, {0x1}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x8, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_DEVS={0x4}]}]}], {0x14, 0x10}}, 0x64}}, 0x0)
rt_tgsigqueueinfo(0x0, 0x0, 0x2b, &(0x7f0000000000)={0x15, 0x1, 0x70000000})
r2 = inotify_init1(0x0)
inotify_add_watch(r2, &(0x7f00000000c0)='.\x00', 0xa4000061)
read(r2, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)

1.609140234s ago: executing program 2 (id=3507):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000005c0)={[{@block_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@norecovery}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file0/file0\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file1\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0)
rename(&(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000180)='./file1\x00')

1.247796858s ago: executing program 2 (id=3509):
perf_event_open(&(0x7f0000000540)={0x2, 0x80, 0x23, 0x1, 0x0, 0x0, 0x0, 0x301, 0x20001, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd17b, 0x0, @perf_bp={&(0x7f0000000000), 0x3}, 0x11014, 0x10000, 0x0, 0x8, 0x8, 0x20005, 0x2, 0x0, 0x0, 0x0, 0x11}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_read_part_table(0x5ff, &(0x7f0000000600)="$eJzs1D+LXFUYB+DfnZ25dyYQdsGAIkIWAlZhLSRFwEGXoJImWUIUCzvBKhYGgqaaxaQUEVthbSJICOwX0EZkEgg2VsEyBHuDCLLikbl33NlgYbEL64bnKc55zznv+XO5595wpPXSTEqpRpm0zX4yqOdDz3RVnVKXsjvh8/euX5mH/bx1+9SdZGP90uXk2Oa7SVZfyHCx+mAR/vDkvmV5p2SUx3uSq/kBspnkg4e32rC/WGWlqz5azGj2//wcbdvjj79Pe2/GowwzyJfJ2a+7scnbz77yTq+qFrewem03HBzU/tOT7cVNkwe7a64mx9f6rya5N+85PUv6pYun3bdWXdh7hXtdtdR9Bk8a/avngE7Pfm2Pp8s3bl6tv+i3zUdfnXj4c1JKufZSKWWym3cyybCe/eSq9mUvHeKZAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAp9P2eLpcz+MHHzaPXn6/P2+tlL9KKUmaJLOUYddfZbR8rMzqbB7M/jfufzpKM67+6Svl4q9bx9cGdwe5uDXf93Q12jtta6er6/2fgMPUvv+bV9/87Pr49zvprsAnf1x4cdiFTVuOkt/q4eTEtSS9+cTBoR0ZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPife/2N86sb65cuJ6n6wyS9lVvT2cCZ57qEkjz/3ZlvrtxbP3tu1l6bFX/W55tmp9w/9/j2yo+nfrq7lI2mS/+2lzQZJP1+17HdloNDeTj+098BAAD//6bsZIk=")
faccessat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x2)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e0000000400000008000000"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000640)={0x0}, 0x18)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f00000004c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKINFO_GET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)=ANY=[@ANYBLOB=',\x00'], 0x2c}}, 0x0)
r1 = syz_pidfd_open(0x0, 0x0)
umount2(&(0x7f00000002c0)='./file0/../file0\x00', 0x0)
fsetxattr$trusted_overlay_nlink(r1, &(0x7f00000018c0), 0x0, 0x0, 0x3)

1.247306948s ago: executing program 0 (id=3510):
r0 = io_uring_setup(0x6e1e, &(0x7f0000000100)={0x0, 0x23d4, 0x800, 0xfffffffc, 0x87})
timer_create(0x0, &(0x7f0000000200)={0x0, 0x21, 0x2, @tid=0xffffffffffffffff}, &(0x7f0000000300)=<r1=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r1, 0x1, &(0x7f0000000040), 0x0)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0xd3283d0368e269b3, 0x8031, 0xffffffffffffffff, 0x0)
r2 = eventfd2(0x0, 0x0)
io_uring_register$IORING_REGISTER_EVENTFD(r0, 0x4, &(0x7f0000000000)=r2, 0x1)
io_uring_register$IORING_REGISTER_BUFFERS2(r0, 0xf, &(0x7f0000001580)={0x3, 0x0, 0x0, &(0x7f00000014c0)=[{0x0}, {0x0}, {&(0x7f0000000280)=""/4094, 0xffe}], &(0x7f0000001540)=[0x0, 0x0, 0x4]}, 0x20)
read$eventfd(r2, &(0x7f0000000040), 0x8)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r0, 0x10, &(0x7f0000001b00)={0x0, 0x0, &(0x7f0000001a80)=[{0x0}, {0x0}, {0x0}], 0x0, 0x3}, 0x20)

989.895435ms ago: executing program 2 (id=3511):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r1 = syz_io_uring_setup(0x80c, &(0x7f0000000540)={0x0, 0xd4bb, 0x400, 0xfffffffd}, &(0x7f00000000c0)=<r2=>0x0, &(0x7f0000000100)=<r3=>0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000080000000f"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000640)={&(0x7f0000000740)='kfree\x00', r5}, 0x18)
socket$nl_generic(0x10, 0x3, 0x10)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f0000000340)=@IORING_OP_RENAMEAT={0x23, 0x2, 0x0, 0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', &(0x7f0000000300)='./file0\x00'})
io_uring_enter(r1, 0x3517, 0xc2de, 0x9, 0x0, 0x0)

989.221655ms ago: executing program 5 (id=3512):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x7c}, 0x1, 0x0, 0x0, 0x20004801}, 0x0)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_int(r2, 0x0, 0x33, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x20000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x3, 0x0, 0x0, 0x40f00, 0x42, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)={0x34, 0x0, 0x8, 0x101, 0x0, 0x0, {0x3, 0x0, 0x2}, [@CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x6}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x11}, @CTA_TIMEOUT_DATA={0x4}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz1\x00'}]}, 0x34}}, 0x8010)

873.936643ms ago: executing program 6 (id=3513):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000400)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="400000001000390400"/20, @ANYRES32=r2, @ANYBLOB="01980000000000002000128008000100677265001400028008000100", @ANYRES32=r2], 0x40}, 0x1, 0x0, 0x0, 0x4014}, 0x0)
r4 = socket(0x10, 0x3, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route_sched(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x44, 0x24, 0x5820a61ca228659, 0x0, 0xfffffffe, {0x0, 0x0, 0x0, r5, {0x0, 0x9}, {0xffff, 0xffff}, {0x5, 0x7}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_USC={0x10, 0x3, {0x6, 0x2}}}}]}, 0x79}}, 0x800)
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001540)=@newtfilter={0x68, 0x28, 0xd27, 0x1004001, 0x25dfdbfd, {0x0, 0x0, 0x0, r5, {0x2, 0x9}, {}, {0x2, 0xb}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x38, 0x2, [@TCA_CGROUP_ACT={0x34, 0x1, [@m_sample={0x30, 0x21d, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x2, 0x3}}}}]}]}}]}, 0x68}, 0x1, 0x0, 0x0, 0x8810}, 0x400c8b4)
sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000200)=@delchain={0x24, 0x11, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r5}}, 0x24}}, 0x10)

673.233815ms ago: executing program 0 (id=3514):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffc0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000009c0)={&(0x7f0000000240)='sched_switch\x00', r0, 0x0, 0x2}, 0x18)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x24, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffb, 0x1, @perf_config_ext={0x4, 0x4}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, 0x0)
ioctl$PPPIOCGNPMODE(0xffffffffffffffff, 0xc008744c, &(0x7f0000000000)={0x283, 0x1})
r1 = socket(0x10, 0x2, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x0, 0x0, 0x0)
socket(0xa, 0x5, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r2, &(0x7f0000000480)={0x0, 0xffffffffffffff3c, &(0x7f0000000140)={&(0x7f00000002c0)={0x14, r3, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@void, @void}}}, 0x14}}, 0x0)

670.217936ms ago: executing program 7 (id=3515):
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0xfffffffffffffc99}, 0x48)
close(r0)
r1 = socket(0x28, 0x5, 0x0)
r2 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r2, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10)
listen(r2, 0x4)
connect$vsock_stream(r1, &(0x7f0000000080)={0x28, 0x0, 0x0, @local}, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r3}, &(0x7f0000000000), &(0x7f0000000080)=r0}, 0x20)
shutdown(r1, 0x0)
recvmmsg$unix(r1, &(0x7f0000001f00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x6cfc686d3553f0e1, 0x0)

640.021708ms ago: executing program 5 (id=3516):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000a00)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a44000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc0800034000000014400000000c0a01011d000000000000000a0000060900020073797a31000000000900010073797a310000000014000380100000800c00018006000100d103000014000000110001"], 0xac}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
r1 = socket$rds(0x15, 0x5, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0xa, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='kfree\x00', r3, 0x0, 0x4}, 0x18)
sendmsg$rds(r1, &(0x7f0000001600)={0x0, 0x0, 0x0}, 0x0)
close(r0)

598.481931ms ago: executing program 7 (id=3517):
fsopen(&(0x7f00000006c0)='sysfs\x00', 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
r1 = socket(0x23, 0x2, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r2, &(0x7f0000000340)={0xa, 0x3, 0x7, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x1, &(0x7f0000000180)=@gcm_128={{0x304}, "1f21f610c4bb11e5", "1fd2b06af311c2f32767001e8739cc33", "f5de1ac5", "fec2acdfa5d73952"}, 0x28)
write$binfmt_script(r2, &(0x7f0000000500)={'#! ', './file0'}, 0xb)
close_range(r1, r2, 0x0)

552.268163ms ago: executing program 0 (id=3518):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000180)='./bus/file0\x00', 0x2004011, &(0x7f00000004c0)={[{}, {@debug}, {@norecovery}, {@grpid}, {@grpquota}, {@discard}, {@journal_async_commit}, {@dax_inode}, {@noacl}, {@jqfmt_vfsv0}, {@discard}]}, 0x9, 0x61a, &(0x7f0000000800)="$eJzs3c9rHGUfAPDvTDY/mrzvm7S8vK+92IBIC9qkSVspItjitZT64+YpNmmpTZvSRDS1YAr1oogXD4InD9b/QgtePXj14MWDSCGI9GCl2pXZzKa72Wyy+bG7SfbzgUmemcnO852Eb55nn31mJoCONZx9SSMORsT1JGKwYl8h8p3DSz/34PdbF7IliWLx9d+SuPVBslB5rCT/PpC/+O/BSH5IIw501dY7O3/zysT09NSNfH107ur10dn5m0cvX524NHVp6tr4C+OnTp44eWrs2JbOr1BRPnvn7XcHPzr35ldfPErGvv7pXBKn43EeW3ZeK1/bu6Was9/ZcBSXPHyyNS19PbXFY+8UfwxW/44zycoN7FgXI6I7X/4fg9FV8dccjA9fbWtwQFMVkyi3UUDHSdbP/+7aTX3NCQZooXI/oPzefrX3wbXSJvdKgFZYPLM0SLaU+90RUc7/wtLYYPSVxgb6HyRV4zxJRGxtZG5JVsf33527ky1RZxwOaI6F2+VR7pXtf1LKzaHoK631P0ir8j+tWLLtr22y/uEV6/IfWmfhdkQ8lbf/PbHp/H9rk/XLfwAAAAAAANg+985ExPOrzf9Ll+f/9Kwy/2cgIk5vQ/3rf/6X3s8LyTZUB1RYPBPxUs38378qZwcPdeWf8/+7NB+gO714eXrqWET8JyKORHdvtj5WfdiqCcJHPznweb36K+f/ZUtWf3kuYH6o+4UVF+JOTsxNbM/ZQ2dbvB3xsDT/91C+pXr+T9b+JzXt/8evZAl+vcE6Djx793zVhl+e/HtYP/+BZil+GXF41et/nnS3k7XvzzFa6g+MlnsFtZ5+/9Nv6tUv/6F9sva/f+38700q79czu7Hj90TE8flCsd7+zfb/e5I3usrHz7w3MTd3YyyiJzlbu318YzHDXlXOh3K+ZPl/5Jm1x/+W+/8VebgvIhYarPN/jwd+rrdP+w/tk+X/5Nrt/1B1+7/RQl+M3x36Nr/FWI3zDbX/J0pt+pF8i/E/qFR7P45GE7Qt4QIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADALpdGxL8iSUeWy2k6MhIxEBH/jf50emZ27rmLM+9cm8z2VT//f3BpPSk//3+oYn18xfrxiNgfEZ917Sutj1yYmZ5s98kDAAAAAAAAAAAAAAAAAADADjFQuua/2Lvy+v/Mr13tjg5oukL+Xb5D5yls+pXF3m0NBGi5zec/sNs1nv/dTY0DaL36+f/wUbGkpeEALaT/D51rk/nv4wLYA7T/0KkaHNPra3YcQDs03P4vNjcOAAAAAABgW+w/dO/HJCIWXtxXWjI9+T6T/WFvS9sdANA25vBC5yrMtDsCoF28xweS5dKfq17sX3/2f9KcgAAAAAAAAAAAAACAGocPuv4fOlUascYjvM3th71sjev/V0t+twuAPaT+oz8aafsTPQTYxbzHB9Zrx13/DwAAAAAAAAAAAAA7QN/NKxPT01M3Zud3X+HlnRHGxgoLEzsijG0tPF7vZ8qPmd/YkbsjYmecYKsL5VtwtDGMNv5PAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAqvwTAAD//9ywLb8=")
getpid()
socket$nl_netfilter(0x10, 0x3, 0xc)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000040)={0x0, <r0=>0x0}, &(0x7f00000000c0)=0xc)
quotactl$Q_QUOTAON(0xffffffff80000201, 0x0, r0, &(0x7f00000001c0)='./file0\x00')
r1 = socket$netlink(0x10, 0x3, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, 0x0, &(0x7f00000000c0))
r2 = socket(0x10, 0x3, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, 0x0, 0x0)
setgid(0x0)

551.712524ms ago: executing program 5 (id=3519):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x800700, &(0x7f0000000580)={[{@grpjquota}, {@stripe={'stripe', 0x3d, 0x3}}, {@norecovery}, {@noinit_itable}, {@init_itable_val={'init_itable', 0x3d, 0x1}}, {@minixdf}, {@usrjquota}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@errors_continue}, {@dioread_lock}, {@noblock_validity}, {@noquota}]}, 0x3, 0x465, &(0x7f0000000f00)="$eJzs3M9vFFUcAPDvzLYgP1sRf4CoVWJs/NHSgsrBi0YTDxhN9IDH2hZCWKihNRFCpBqDFxND1LPxaOJf4M2LUU8mXvVuSIhyAT3VzOwM7C67pYXtLnQ/n2SX92Ze+963b97Mm3m7BNC3RrK3JGJrRPwREUO1bGOBkdo/Vy+fnf738tnpJJaW3v47yctduXx2uixa/tyWIjOaRqSfJkUljeZPnzk+Va3Oniry4wsn3h+fP33muWMnpo7OHp09OXnw4IH9Ey++MPn8Mq3fuOI4s7iu7P5obs+u19+98Mb04Qvv/fJ91t6txf76ODplJAv8n6Vc3eYvs7cnO11Zj22rSycDPWwIq1KJiKy7BvPxPxSVuN55Q/HaJz1tHLCmsmvTMlfRxSVgHUtihcViZQWBu0V5oc/uf8tXl6Yed4RLL9dugLK4rxav2p6BSIsyg033t500EhGHF//7JnvFGj2HAACo9/n014fi2VbzvzQeqCu3vVhDGY6IeyNiR0TcFxE7I+L+iLzsgxHxUNuaNrTc2rw0dOP8J714y8GtQDb/e6lY22qc/5Wzv8pwpchty+MfTI4cq87uK/4mozG4MctPLFPHj6/+/kW7ffXzv+yV1V/OBYt2XBxoekA3M7UwlU9KO+DSxxG7B1rFn1xbCchu/XdFxO7V/ertZeLY09/taVfo5vEvowPrTEvfRjxV6//FaIq/lCy/Pjl+T1Rn942XR8WNfv3t/Fvt6r+t+Dsg6//Njcd/c5HhpH69dn71dZz/87O29zS3evxvSN7J+6U8q3w4tbBwaiJiQ3Iozzdsn7z+s2W+LJ/FP7q39fjfUUtsyt4ejojsIH4kIh6NiMeKtj8eEU9ExN5l4v/5lfb77oT+n2l5/rt2/Df1/+oTleM//dCu/pX1/4E8NVpsyc9/N7HSBt7O3w4AAADuFmn+GfgkHbuWTtOxsdpn+HfG5rQ6N7/wzJG5D07O1D4rPxyDafmka6jueehEslj8xlp+snhWXO7fXzw3/qqyKc+PTc9VZ3ocO/S7LW3Gf+avSq9bB6y5Vutoky3Xaxu+yAasA83jP23Mnnuzm40Busr3taF/3WT8p91qB9B9rv/Qv1qN/3NNeWsBsD65/kP/Mv6hfxn/0L+Mf+hLt/O9/n5OZKfMO6AZ1aGiH7tfe6S9jl1iLRKt/58mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAu9X/AQAA//9l+OT1")
utime(0x0, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r0 = io_uring_setup(0x58e6, &(0x7f0000000140)={0x0, 0xb5fa, 0x1000})
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r1, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1d}}, 0x10)
sendto$inet(r1, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000700000000000000000000850000002300000095"], &(0x7f00000001c0)='GPL\x00', 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r2, 0x0, 0x8000000000000000}, 0x18)

549.562304ms ago: executing program 7 (id=3520):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000079e02200850000006d00000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r1, &(0x7f00000001c0)={0xa, 0x4e25, 0x0, @loopback, 0x18}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f0000000180), 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x4)
setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x1, &(0x7f0000000140)=@gcm_128={{0x303}, "87ee8ac6c46dad33", "2607080d7f4fcf00fd4ef2dece6c7c58", "122000"}, 0x28)
setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x2, &(0x7f0000000680)=@gcm_128={{0x303}, "2000a200009400", "c0b6c5b29ca2b838d41ac2fc7ddf972d", "e9be1eae", "bb10000000000001"}, 0x28)
writev(r1, &(0x7f0000000600)=[{&(0x7f0000000200)='f', 0x1}], 0x1)
recvfrom$inet6(r1, &(0x7f00000004c0)=""/1, 0x3, 0x3, 0x0, 0x14487ccc76af586c)

537.315734ms ago: executing program 6 (id=3521):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48)
mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xd, &(0x7f0000000780)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x0, '\x00', 0x0, @fallback=0x36e084fcb6392193, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r2, @ANYBLOB="01000000020000001c0012000c000100626f6e64"], 0x3c}}, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="5c0100001000130780fffffffcdbdf252001000000000000000000000000000020010000000000000000000000000001000000004e210002000000006c000000", @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="fc010000000000000000000000000000000000fe32000000e0000002000000000000000000000000000000000000000000000000000000000000000000000000090000000000000001000000ffffffff0000000000000000010000800000000043050000000000000400000000000000ffffffffffffff7f000000000000000001000000000000000000000000000000000000002cbd7000003500000a000000500000000000000060001200726663343130362867636d2861657329290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000060000000210466d38547aa140db9a200000000c538c7cb7a0c001c00", @ANYRES32=r2], 0x15c}, 0x1, 0x0, 0x0, 0x880}, 0x2000)

509.363156ms ago: executing program 0 (id=3522):
r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x9d, 0x1, 0x0, 0x0, 0x0, 0x5, 0x40200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x3, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x22}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r1 = perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x9d, 0x1, 0x0, 0x0, 0x0, 0x5, 0x40200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x3, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000cc0)={0x5, 0x4, &(0x7f0000000d80)=@framed={{0x18, 0x8}, [@call={0x85, 0x0, 0x0, 0x7}]}, &(0x7f0000000c80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000cc0)={0x5, 0x4, &(0x7f0000000d80)=ANY=[], &(0x7f0000000c80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r3)
r4 = perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x9d, 0x1, 0x0, 0x0, 0x0, 0x5, 0x40200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x3, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000003640)={0x5, 0xb, &(0x7f0000003580)=@framed={{0x18, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x801}, [@printk={@llx, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x98b}}]}, &(0x7f0000000c80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r4, 0x40042408, r5)
ioctl$PERF_EVENT_IOC_QUERY_BPF(r1, 0xc008240a, &(0x7f0000000080)=ANY=[])

489.369898ms ago: executing program 7 (id=3523):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x5024c, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x4}, 0x0, 0x0, 0x0, 0x8, 0x4, 0x1, 0x5}, 0x0, 0xfffffeffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x41000}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000010c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2b, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r3 = creat(&(0x7f0000000000)='./file0\x00', 0x6a)
write$binfmt_elf32(r3, &(0x7f0000000040)=ANY=[@ANYBLOB="7f454c46000000000000000000000000030006"], 0x69)
close(r3)
execve(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)

444.45645ms ago: executing program 2 (id=3524):
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r2 = dup(r1)
write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000dd0000000000003b810000850000006d000000a50000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='kfree\x00', r3}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
stat(&(0x7f0000001c40)='./file0\x00', 0x0)

423.995672ms ago: executing program 2 (id=3525):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r0}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x700000, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r1, &(0x7f0000000480)={0x0, 0x60, &(0x7f0000000140)={&(0x7f00000002c0)={0x1c, r2, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)

283.407751ms ago: executing program 0 (id=3526):
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
socket$igmp(0x2, 0x3, 0x2)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f0000005c00)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298700000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3ac3209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b135ab6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385beef3282830689da6b53b263339863297771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d4173731efe895ff2e1c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8e3070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750890ae71555b3228b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db3c4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6c30ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d25f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c0000000000000000000000bfb0bba79344643b1d8daa9f38e4b62c1e2af68c6f5054b078acd74b4a9c944e4505da485a3a4154387a0a88372091cd397b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacba0ec503a37fae6b472ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a9ff86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252976d3a4d8c1843a8d5bb7f5f1028453a0562a3ea93117076dd4940b7df50d78289fe66197525f6095f8662d232970bef61b03fa83027963a1a2e07cfee30c0d0b4c5877f93b3637ca21eab5afcf5d4638dfe8f9202aaad51c979049dd76d65368cbd4187d9f74257c7c4a23ac4a34eec5aa17e78c5167216f5e72138d20f8325dd5f8f96c32189c904eaef580987f1ce601a7cdc35461db9981ac42f9e24b0699bbe4e3d986e38952b0b7938eefd9e7a292bbb66367ad77045fdc18855c81c031dedd185c723238373fc698d676791d04f1ff5f0825a6619e844882f31ed190233d58ecee949e310bf2b1a51b8a33ae65a06d2b6ad386bf8dc49dd328bcd75d1843a13d68560175a18af7efc3c0f20e32f84f6aaaf000000000000000000000013a6c66bce74a8fb9092023df695da2714a7933d699d42de2bc4a85e0a0e22228290a7a7553ab93a16e42453ed86869a02df2f47d4088fac1772d3cd955c81cbf91c2ca7942942f61723b558079b82547844f92df2499c4b2c2ef2539e5daa8d8727baaa6b5755e6f83bbfca00000000000000000000007925d0f1256330b9e2aa9a18cea8e009116f63c6c7d8f7f95bf0f6731e5eb1dcdc534f357b9f08e7a9a3aebeca145d695053b5bef004ca24e6c57ed10f01488d38b8b0b68d93e3cf630837915d518fde2115e66615786fe7b9216de958119cf762cac77ac829a02f48e72c0d2841880b2c"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xffffffffffffff7e}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x4)
syz_open_dev$sg(0x0, 0x0, 0x800)
r2 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0)
write(r2, &(0x7f0000004200)='t', 0x1)
sendfile(r2, r0, 0x0, 0x3ffff)
sendfile(r2, r0, 0x0, 0x7ffff000)

283.261201ms ago: executing program 7 (id=3527):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x8000)
r2 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r2, &(0x7f0000000200)={0x2a, 0xffffffff, 0xfffffffe}, 0x37)
r3 = syz_io_uring_setup(0x496, &(0x7f0000000540)={0x0, 0x4660, 0x80, 0x3, 0x285}, &(0x7f00000004c0)=<r4=>0x0, &(0x7f0000000680)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r2, 0x0, 0x0})
io_uring_enter(r3, 0x3498, 0x969, 0x0, 0x0, 0x0)
dup3(r3, r1, 0x80000)

283.161771ms ago: executing program 6 (id=3528):
r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x48)
pipe2$9p(&(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r3 = dup(r2)
ioctl$BTRFS_IOC_BALANCE_CTL(r0, 0x40049421, 0x3)
write$P9_RLERRORu(r3, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r3, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_resuseaddr={0x0}}, 0x20)
write$binfmt_elf64(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])
r4 = open(&(0x7f0000000300)='./file0\x00', 0x145142, 0x102)
write$hidraw(r4, &(0x7f00000006c0)=':', 0x1)

253.834453ms ago: executing program 6 (id=3529):
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="010000"], 0x48)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000005c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
r0 = socket(0x10, 0x3, 0x0)
sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f00000000c0)="15452f1c17ce03519634b0f248cd4f35bfbe040d6bec3aac6dbdaea4e21f786824ca85", 0x23}, {&(0x7f0000000100)="445fad3126ce24909e1424d14663981d8c0359c7bc376dafed5c51728053486f03e6c2c2c7", 0x25}], 0x2}, 0x404c080)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x80, 0x4, 0x28}, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x18)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000001100)={&(0x7f0000001140)=@newsa={0x1a0, 0x10, 0x1, 0x0, 0x0, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x64}, {@in, 0x0, 0x32}, @in=@dev={0xac, 0x14, 0x14, 0x35}, {}, {0xfffffffffffffffd, 0x0, 0x8000000, 0x200}, {0x0, 0x0, 0x2}, 0x0, 0x0, 0xa, 0x0, 0x0, 0xcd}, [@algo_crypt={0x48, 0x2, {{'cbc(aes)\x00'}}}, @replay_esn_val={0x1c, 0x17, {0x0, 0x0, 0x0, 0x70bd2a, 0x70bd28}}, @algo_auth_trunc={0x4c, 0x14, {{'cmac(aes)\x00'}, 0x0, 0x18}}]}, 0x1a0}}, 0x0)
write(r0, &(0x7f0000000000)="2400000011005f0414f9f40700090400810000000d0000000000000008000f0001000000", 0x24)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
ioctl$sock_inet_SIOCSIFDSTADDR(r2, 0x8918, &(0x7f0000000280)={'ipvlan0\x00', {0x2, 0x4e24, @rand_addr=0xac141437}})

98.610293ms ago: executing program 7 (id=3530):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
recvmmsg(r1, &(0x7f0000002e40)=[{{0x0, 0x0, 0x0}, 0x66c}], 0x1, 0x2, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000340)={'bridge0\x00', <r4=>0x0})
r5 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="440000001300290a000000000000000007000000", @ANYRES32=r4, @ANYBLOB="00000000000000001c001a800800028008000200080000003e120000080002001040e5"], 0x44}}, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB="2c00000010004b0400000000000000007a000000", @ANYRES32=r4, @ANYBLOB="00000000000000000a000100aa"], 0x2c}}, 0x0)

56.923306ms ago: executing program 2 (id=3531):
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x1, 0x0, 0x0, 0x2)
msgctl$MSG_INFO(0x0, 0xc, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0x8, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000440)='kfree\x00', r1, 0x0, 0x5}, 0x18)
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x0)
r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$BLKTRACESETUP(r2, 0xc0481273, &(0x7f00000004c0)={'\x00', 0x107e, 0x38186da1, 0x5c8, 0x7fff, 0x9})

0s ago: executing program 6 (id=3532):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x1000040, &(0x7f00000001c0)={[{@noblock_validity}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0xe6}}, {@oldalloc}, {@barrier}, {@auto_da_alloc}, {@nodioread_nolock}, {@errors_remount}, {@stripe={'stripe', 0x3d, 0x7}}]}, 0x1, 0x5b3, &(0x7f0000000780)="$eJzs3T9sG9UfAPDvne2mf/L7pUggAepQAVKRqjpJ/0BhaldEpUodkFggctyoihNXcQJNFKnpXiE68E9dygYDI4iBAbGwwcoCYkaqaARS04EaObaTNHWCE+q4xJ+PdPF7dxd/3zv7++x7upMD6FmHa3/SiGci4nwSMbBmWzYaGw/X91tanC/cW5wvJFGtXvg9iSQi7i7OF5r7J43HAxGxEBFPR8R3uYij6cpT7mkWKrNz4yOlUnGqUR+cnrg8WJmdO3ZpYmSsOFacPPHyK6dOnzw1fHx4bXPvVdfWclvr6/Vfbrx3/cfXbt34/ItDC4UPRpI4E/2NbWv78SjVj0kuzqxbf7ITwboo6XYD2JZMI89rqfRUDESmkfWtVNcODn070jygg6p9EVWgRyXyH3pU83tA7fy3uezk94/bZ+snILW4S4vzhavRjJ+tz03E3uVzk/1/JA+cmdTONw/uZEPZlRauRcRQNvvw+z9pvP/WzlptzdCjaiQd8+3Z+gv18Oufrow/0WL86W/Onf5LzfFvqTH+LbWIn9lg/DvfZoy/3vz1kw3jX+uLZ7MR9x+Kn6zET1rETyPi7Tbj33zj69Mbbat+GnEkWvV/dUYx2Xx+ePDipVJxqP63ZYxvjhx6deP+R+zfIH59znbv8sfM2v7vabQpbbP/X33/5XMLm8R/8fnNX/9Wx39fRLzfZvwn7n72+kbbbl9L7tS+BbTq/2bxk8jFrTbjv3Tm8M+NollDAAAAAAAAAAB4hNLla9mSNL9STtN8vn4P75OxPy2VK9NHL5ZnJkfr17wdjFzavNJqoF5PavXhxvW4zfrxdfUTmUbAzL7ler5QLo12ue8AAAAAAAAAAAAAAAAAAADwuDiw7v7/PzPL9/+v/7lqYLfa+Ce/gd1O/kPvejD/k661A9h5Pv+hZ1XlP/SuVvlvTIDeINehd8l/6F3yH3qX/IfeJf8BAAAAAAAAAAAAAAAAAAAAAAAAAKAjzp87V1uq9xbnC7X6aHZ2Zrz8zrHRYmU8PzFTyBfKU5fzY+XyWKmYL5Qn/un5knL58lBMzlwZnC5Wpgcrs3NvTZRnJpu/KVrMdbxHAAAAAAAAAAAAAAAAAAAA8N/Tv7wkaT4iV6+naT4f8b+IOJhEcvFSqTgUEf+PiJ8yub5afbjbjQYAAAAAAAAAAAAAAAAAAIBdpjI7Nz5SKhWnOlfINkJ1MET7hexWdo6IhTZ2vtp+M2rPuOU25xoHsMuHbvuFu9W6bjXjhw9X12Qej/fh41/o4qAEAAAAAAAAAAAAAAAAAAA9avWm33b/435nGwQAAAAAAAAAAAAAAAAAAAA9Kf0tiYjacmTghf71W/ckS5nlx4h49+aFj66MTE9PDdfW31lZP/1xY/3xbrQfaFczT9OIqOUxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsKoyOzc+UioVp7ZZ6Gtjn273EQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGA7/g4AAP//5TrUlQ==")
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000c00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
open(0x0, 0x0, 0x21)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
connect$inet(r0, &(0x7f0000000380)={0x2, 0x4e24, @local}, 0x10)
close(r0)

kernel console output (not intermixed with test programs):

 (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  156.483634][T10639] netlink: 2028 bytes leftover after parsing attributes in process `syz.5.2545'.
[  156.492821][T10639] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2545'.
[  156.654896][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  157.291744][ T6076] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65380 sclass=netlink_route_socket pid=6076 comm=kworker/1:9
[  157.305671][T10648] 9pnet: p9_errstr2errno: server reported unknown error 1844674407
[  158.091307][   T29] kauditd_printk_skb: 118 callbacks suppressed
[  158.091324][   T29] audit: type=1326 audit(1759803671.851:6385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10677 comm="syz.3.2561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fd7044f5d67 code=0x7ffc0000
[  158.162436][   T29] audit: type=1326 audit(1759803671.881:6386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10677 comm="syz.3.2561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fd70449af79 code=0x7ffc0000
[  158.186326][   T29] audit: type=1326 audit(1759803671.881:6387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10677 comm="syz.3.2561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fd7044f5d67 code=0x7ffc0000
[  158.210229][   T29] audit: type=1326 audit(1759803671.881:6388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10677 comm="syz.3.2561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fd70449af79 code=0x7ffc0000
[  158.235394][   T29] audit: type=1326 audit(1759803671.881:6389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10677 comm="syz.3.2561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7044feec9 code=0x7ffc0000
[  158.259507][   T29] audit: type=1326 audit(1759803671.881:6390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10677 comm="syz.3.2561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7044feec9 code=0x7ffc0000
[  158.283254][   T29] audit: type=1326 audit(1759803671.901:6391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10677 comm="syz.3.2561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd7044feec9 code=0x7ffc0000
[  158.307074][   T29] audit: type=1326 audit(1759803671.901:6392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10677 comm="syz.3.2561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fd7044f5d67 code=0x7ffc0000
[  158.330590][   T29] audit: type=1326 audit(1759803671.901:6393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10677 comm="syz.3.2561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fd70449af79 code=0x7ffc0000
[  158.354205][   T29] audit: type=1326 audit(1759803671.901:6394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10677 comm="syz.3.2561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fd7044f5d67 code=0x7ffc0000
[  158.613360][T10690] __nla_validate_parse: 5 callbacks suppressed
[  158.613380][T10690] netlink: 184 bytes leftover after parsing attributes in process `syz.0.2567'.
[  158.617694][T10692] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2568'.
[  158.637922][T10690] xt_socket: unknown flags 0xd0
[  158.842881][T10709] sg_write: data in/out 219/14 bytes for SCSI command 0x0-- guessing data in;
[  158.842881][T10709]    program syz.5.2575 not setting count and/or reply_len properly
[  158.893246][T10711] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10711 comm=syz.0.2577
[  158.934319][T10717] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2580'.
[  158.975095][T10720] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2581'.
[  159.097975][T10732] netlink: 'syz.0.2585': attribute type 153 has an invalid length.
[  159.710847][T10748] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2591'.
[  159.724134][T10748] macvlan2: entered promiscuous mode
[  159.811530][T10751] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2594'.
[  159.873775][T10754] loop2: detected capacity change from 0 to 512
[  159.908799][T10754] EXT4-fs error (device loop2): ext4_ext_check_inode:523: inode #3: comm syz.2.2596: pblk 24 bad header/extent: invalid extent entries - magic f30a, entries 3, max 4(4), depth 0(0)
[  159.943716][T10754] EXT4-fs error (device loop2): ext4_quota_enable:7139: comm syz.2.2596: Bad quota inode: 3, type: 0
[  159.957258][T10754] EXT4-fs warning (device loop2): ext4_enable_quotas:7180: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  159.973184][T10754] EXT4-fs (loop2): mount failed
[  160.424326][T10788] lo speed is unknown, defaulting to 1000
[  160.595453][T10797] tipc: Started in network mode
[  160.600498][T10797] tipc: Node identity f6f8b1dc5e06, cluster identity 4711
[  160.607792][T10797] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  160.616588][T10792] tipc: Resetting bearer <eth:syzkaller0>
[  160.636921][T10792] tipc: Disabling bearer <eth:syzkaller0>
[  160.658067][T10802] syzkaller0: entered promiscuous mode
[  160.663909][T10802] syzkaller0: entered allmulticast mode
[  160.679568][T10808] loop3: detected capacity change from 0 to 512
[  160.705852][T10808] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  160.721497][T10808] ext4 filesystem being mounted at /380/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  160.736448][T10808] netlink: 'syz.3.2616': attribute type 12 has an invalid length.
[  160.755484][ T5003] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  161.042176][T10829] loop3: detected capacity change from 0 to 2048
[  161.106014][T10829]  loop3: p1 < > p4
[  161.116203][T10829] loop3: p4 size 8388608 extends beyond EOD, truncated
[  161.222501][T10839] bridge_slave_0: left allmulticast mode
[  161.228464][T10839] bridge_slave_0: left promiscuous mode
[  161.234271][T10839] bridge0: port 1(bridge_slave_0) entered disabled state
[  161.243669][T10839] bridge_slave_1: left allmulticast mode
[  161.249412][T10839] bridge_slave_1: left promiscuous mode
[  161.255080][T10839] bridge0: port 2(bridge_slave_1) entered disabled state
[  161.265333][T10839] bond0: (slave bond_slave_0): Releasing backup interface
[  161.275136][T10839] bond0: (slave bond_slave_1): Releasing backup interface
[  161.288039][T10839] team0: Failed to send options change via netlink (err -105)
[  161.300460][T10839] team0: Failed to send port change of device team_slave_0 via netlink (err -105)
[  161.310592][T10839] team0: Port device team_slave_0 removed
[  161.320032][T10839] team0: Failed to send options change via netlink (err -105)
[  161.327970][T10839] team0: Failed to send port change of device team_slave_1 via netlink (err -105)
[  161.338391][T10839] team0: Port device team_slave_1 removed
[  161.345486][T10839] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  161.352913][T10839] batman_adv: batadv0: Removing interface: batadv_slave_0
[  161.362225][T10839] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  161.369710][T10839] batman_adv: batadv0: Removing interface: batadv_slave_1
[  161.396718][T10839] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  161.419319][T10841] bond3: entered promiscuous mode
[  161.424583][T10841] bond3: entered allmulticast mode
[  161.430358][T10841] 8021q: adding VLAN 0 to HW filter on device bond3
[  161.447906][T10841] bond3 (unregistering): Released all slaves
[  161.458168][T10858] loop3: detected capacity change from 0 to 2048
[  161.464746][T10842] team0: Failed to send options change via netlink (err -105)
[  161.472323][T10842] team0: Mode changed to "activebackup"
[  161.529095][T10865] loop2: detected capacity change from 0 to 512
[  161.547654][T10865] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  161.560881][T10865] ext4 filesystem being mounted at /527/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  161.601106][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  161.627978][T10870] loop2: detected capacity change from 0 to 512
[  161.653914][T10870] EXT4-fs (loop2): too many log groups per flexible block group
[  161.672902][T10870] EXT4-fs (loop2): failed to initialize mballoc (-12)
[  161.690163][T10870] EXT4-fs (loop2): mount failed
[  161.716121][T10874] syzkaller0: entered promiscuous mode
[  161.721715][T10874] syzkaller0: entered allmulticast mode
[  161.737726][T10876] SELinux:  Context system_u:object_r:sendmail_exec_t:s0 is not valid (left unmapped).
[  161.877408][T10881] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2643'.
[  161.887791][T10881] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2643'.
[  161.897579][T10881] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2643'.
[  161.908424][T10881] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2643'.
[  162.053331][T10891] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  162.166751][T10879] Set syz1 is full, maxelem 65536 reached
[  162.176634][T10891] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  162.228195][T10891] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  162.299424][T10891] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  162.366099][ T3699] netdevsim netdevsim6 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  162.377627][ T3699] netdevsim netdevsim6 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  162.394085][ T3699] netdevsim netdevsim6 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  162.402467][ T3699] netdevsim netdevsim6 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  162.636157][T10930] loop2: detected capacity change from 0 to 2048
[  162.648477][T10930] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  162.661831][T10930] EXT4-fs (loop2): Online resizing not supported with bigalloc
[  162.682908][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  163.105387][T10958] loop3: detected capacity change from 0 to 1024
[  163.116020][T10958] __quota_error: 368 callbacks suppressed
[  163.116037][T10958] Quota error (device loop3): do_check_range: Getting block 64 out of range 1-5
[  163.130924][T10958] Quota error (device loop3): qtree_read_dquot: Can't read quota structure for id 0
[  163.140462][T10958] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.2673: Failed to acquire dquot type 0
[  163.152750][T10958] EXT4-fs error (device loop3): mb_free_blocks:2017: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[  163.179640][T10961] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  163.190788][T10958] EXT4-fs error (device loop3): ext4_do_update_inode:5624: inode #13: comm syz.3.2673: corrupted inode contents
[  163.203313][T10958] EXT4-fs error (device loop3): ext4_dirty_inode:6509: inode #13: comm syz.3.2673: mark_inode_dirty error
[  163.215497][T10958] EXT4-fs error (device loop3): ext4_do_update_inode:5624: inode #13: comm syz.3.2673: corrupted inode contents
[  163.229790][T10961] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  163.241000][T10958] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #13: comm syz.3.2673: mark_inode_dirty error
[  163.252906][T10958] EXT4-fs error (device loop3): ext4_do_update_inode:5624: inode #13: comm syz.3.2673: corrupted inode contents
[  163.265272][T10958] EXT4-fs error (device loop3) in ext4_orphan_del:301: Corrupt filesystem
[  163.274104][T10958] EXT4-fs error (device loop3): ext4_do_update_inode:5624: inode #13: comm syz.3.2673: corrupted inode contents
[  163.287071][T10958] EXT4-fs error (device loop3): ext4_truncate:4637: inode #13: comm syz.3.2673: mark_inode_dirty error
[  163.298615][T10958] EXT4-fs error (device loop3) in ext4_process_orphan:343: Corrupt filesystem
[  163.309533][T10958] EXT4-fs (loop3): 1 truncate cleaned up
[  163.310774][T10961] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  163.316427][T10958] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  163.358488][ T5003] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  163.369037][T10961] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  163.432170][   T29] audit: type=1326 audit(1759803677.186:6763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10980 comm="syz.6.2683" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3e081eec9 code=0x7ffc0000
[  163.456561][   T29] audit: type=1326 audit(1759803677.186:6764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10980 comm="syz.6.2683" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3e081eec9 code=0x7ffc0000
[  163.463531][ T3736] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  163.498968][T10981] loop6: detected capacity change from 0 to 512
[  163.554980][T10981] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  163.564128][ T3736] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  163.572333][ T3736] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  163.594410][T10981] EXT4-fs (loop6): orphan cleanup on readonly fs
[  163.604200][T10981] EXT4-fs error (device loop6): ext4_do_update_inode:5624: inode #16: comm syz.6.2683: corrupted inode contents
[  163.622409][ T3736] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  163.651498][T10981] EXT4-fs (loop6): Remounting filesystem read-only
[  163.711324][T10981] EXT4-fs (loop6): 1 truncate cleaned up
[  163.754962][   T29] audit: type=1326 audit(1759803677.246:6765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10980 comm="syz.6.2683" exe="/root/syz-executor" sig=0 arch=c000003e syscall=20 compat=0 ip=0x7fc3e081eec9 code=0x7ffc0000
[  163.778533][   T29] audit: type=1326 audit(1759803677.246:6766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10980 comm="syz.6.2683" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3e081eec9 code=0x7ffc0000
[  163.802361][   T29] audit: type=1326 audit(1759803677.246:6767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10980 comm="syz.6.2683" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3e081eec9 code=0x7ffc0000
[  163.825956][   T29] audit: type=1326 audit(1759803677.246:6768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10980 comm="syz.6.2683" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc3e081eec9 code=0x7ffc0000
[  163.849595][   T29] audit: type=1326 audit(1759803677.246:6769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10980 comm="syz.6.2683" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3e081eec9 code=0x7ffc0000
[  163.873227][   T29] audit: type=1326 audit(1759803677.246:6770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10980 comm="syz.6.2683" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3e081eec9 code=0x7ffc0000
[  163.928959][T10996] loop3: detected capacity change from 0 to 512
[  163.944004][T10996] EXT4-fs: Ignoring removed mblk_io_submit option
[  163.960916][T10996] EXT4-fs: Ignoring removed nomblk_io_submit option
[  163.993651][T10996] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  164.002152][T10996] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  164.036288][ T3736] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  164.046985][ T3736] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  164.069376][T10996] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4193: comm syz.3.2688: Allocating blocks 41-42 which overlap fs metadata
[  164.073238][ T3736] EXT4-fs (loop6): Quota write (off=8, len=24) cancelled because transaction is not started
[  164.094184][T10996] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4193: comm syz.3.2688: Allocating blocks 41-42 which overlap fs metadata
[  164.104633][T10981] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  164.136624][T10996] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.2688: Failed to acquire dquot type 1
[  164.154521][T10328] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.164722][T10996] EXT4-fs error (device loop3): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[  164.179837][T10996] EXT4-fs error (device loop3): ext4_do_update_inode:5624: inode #12: comm syz.3.2688: corrupted inode contents
[  164.199107][T10996] EXT4-fs error (device loop3): ext4_dirty_inode:6509: inode #12: comm syz.3.2688: mark_inode_dirty error
[  164.220054][T10996] EXT4-fs error (device loop3): ext4_do_update_inode:5624: inode #12: comm syz.3.2688: corrupted inode contents
[  164.253572][T11001] loop6: detected capacity change from 0 to 128
[  164.271252][T11001] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a842c018, mo2=0002]
[  164.283345][T11001] System zones: 1-3, 19-19, 35-36
[  164.288969][T11001] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  164.301453][T11001] ext4 filesystem being mounted at /21/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  164.349821][T10996] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #12: comm syz.3.2688: mark_inode_dirty error
[  164.368749][T10328] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  164.383458][T10996] EXT4-fs error (device loop3): ext4_do_update_inode:5624: inode #12: comm syz.3.2688: corrupted inode contents
[  164.429304][T10996] EXT4-fs error (device loop3) in ext4_orphan_del:301: Corrupt filesystem
[  164.460224][T10996] EXT4-fs error (device loop3): ext4_do_update_inode:5624: inode #12: comm syz.3.2688: corrupted inode contents
[  164.460638][T10996] EXT4-fs error (device loop3): ext4_truncate:4637: inode #12: comm syz.3.2688: mark_inode_dirty error
[  164.460830][T10996] EXT4-fs error (device loop3) in ext4_process_orphan:343: Corrupt filesystem
[  164.461069][T10996] EXT4-fs (loop3): 1 truncate cleaned up
[  164.461415][T10996] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  164.476015][T10996] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  164.505175][ T5003] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.593251][T11015] loop2: detected capacity change from 0 to 164
[  164.847899][T11043] loop2: detected capacity change from 0 to 2048
[  164.874928][T11043] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  164.903006][T11043] ext4 filesystem being mounted at /539/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  164.923515][T11043] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.102063][T11053] __nla_validate_parse: 1 callbacks suppressed
[  165.102086][T11053] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2709'.
[  165.123907][T11053] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2709'.
[  165.144631][T11053] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2709'.
[  165.157234][T11053] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2709'.
[  165.170601][T11053] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2709'.
[  165.255729][ T6086] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  165.343489][ T6086] hid-generic 0000:0000:0000.0002: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  165.892095][T11078] dummy0: entered allmulticast mode
[  165.911142][T11078] dummy0: left allmulticast mode
[  165.934393][T11071] lo speed is unknown, defaulting to 1000
[  166.063090][T11079] loop2: detected capacity change from 0 to 512
[  166.158411][T11079] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  166.213908][T11079] EXT4-fs (loop2): orphan cleanup on readonly fs
[  166.314715][T11090] loop6: detected capacity change from 0 to 1024
[  166.333834][T11090] EXT4-fs error (device loop6): ext4_acquire_dquot:6945: comm syz.6.2724: Failed to acquire dquot type 0
[  166.344537][T11079] EXT4-fs error (device loop2): ext4_do_update_inode:5624: inode #16: comm syz.2.2720: corrupted inode contents
[  166.364145][T11090] EXT4-fs error (device loop6): mb_free_blocks:2017: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[  166.379024][T11090] EXT4-fs error (device loop6): ext4_do_update_inode:5624: inode #13: comm syz.6.2724: corrupted inode contents
[  166.394869][T11079] EXT4-fs (loop2): Remounting filesystem read-only
[  166.402084][T11090] EXT4-fs error (device loop6): ext4_dirty_inode:6509: inode #13: comm syz.6.2724: mark_inode_dirty error
[  166.414532][T11090] EXT4-fs error (device loop6): ext4_do_update_inode:5624: inode #13: comm syz.6.2724: corrupted inode contents
[  166.428958][T11079] EXT4-fs (loop2): 1 truncate cleaned up
[  166.435857][ T3725] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  166.446465][ T3725] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  166.462158][T11090] EXT4-fs error (device loop6): __ext4_ext_dirty:206: inode #13: comm syz.6.2724: mark_inode_dirty error
[  166.482042][ T3725] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[  166.482249][T11090] EXT4-fs error (device loop6): ext4_do_update_inode:5624: inode #13: comm syz.6.2724: corrupted inode contents
[  166.519910][T11090] EXT4-fs error (device loop6) in ext4_orphan_del:301: Corrupt filesystem
[  166.521847][T11079] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  166.549001][T11090] EXT4-fs error (device loop6): ext4_do_update_inode:5624: inode #13: comm syz.6.2724: corrupted inode contents
[  166.565929][T11090] EXT4-fs error (device loop6): ext4_truncate:4637: inode #13: comm syz.6.2724: mark_inode_dirty error
[  166.579480][T11090] EXT4-fs error (device loop6) in ext4_process_orphan:343: Corrupt filesystem
[  166.590312][T11090] EXT4-fs (loop6): 1 truncate cleaned up
[  166.596614][T11090] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  166.641874][T10328] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.664856][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.683041][T11103] loop3: detected capacity change from 0 to 1024
[  166.692380][T11103] EXT4-fs: Ignoring removed nobh option
[  166.698068][T11103] EXT4-fs: Ignoring removed bh option
[  166.743183][T11103] EXT4-fs (loop3): stripe (8) is not aligned with cluster size (16), stripe is disabled
[  166.793149][T11103] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  166.793521][T11117] uprobe: syz.0.2736:11117 failed to unregister, leaking uprobe
[  166.826228][T11121] loop2: detected capacity change from 0 to 128
[  166.856922][T11121] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a842c018, mo2=0002]
[  166.874097][ T5003] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.875412][T11121] System zones: 1-3, 19-19, 35-36
[  166.888951][T11121] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  166.911339][T11121] ext4 filesystem being mounted at /548/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  167.055238][ T3311] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  167.093784][T11141] loop2: detected capacity change from 0 to 512
[  167.103843][T11141] EXT4-fs: Ignoring removed mblk_io_submit option
[  167.117121][T11141] EXT4-fs: Ignoring removed nomblk_io_submit option
[  167.150454][T11141] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  167.159077][T11141] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  167.175463][T11141] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4193: comm syz.2.2743: Allocating blocks 41-42 which overlap fs metadata
[  167.231879][T11141] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4193: comm syz.2.2743: Allocating blocks 41-42 which overlap fs metadata
[  167.284951][T11141] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.2743: Failed to acquire dquot type 1
[  167.320232][T11141] EXT4-fs error (device loop2): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[  167.344684][T11141] EXT4-fs error (device loop2): ext4_do_update_inode:5624: inode #12: comm syz.2.2743: corrupted inode contents
[  167.358528][T11141] EXT4-fs error (device loop2): ext4_dirty_inode:6509: inode #12: comm syz.2.2743: mark_inode_dirty error
[  167.388043][T11141] EXT4-fs error (device loop2): ext4_do_update_inode:5624: inode #12: comm syz.2.2743: corrupted inode contents
[  167.408582][T11141] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #12: comm syz.2.2743: mark_inode_dirty error
[  167.444213][T11141] EXT4-fs error (device loop2): ext4_do_update_inode:5624: inode #12: comm syz.2.2743: corrupted inode contents
[  167.486599][T11141] EXT4-fs error (device loop2) in ext4_orphan_del:301: Corrupt filesystem
[  167.501686][T11141] EXT4-fs error (device loop2): ext4_do_update_inode:5624: inode #12: comm syz.2.2743: corrupted inode contents
[  167.527028][T11141] EXT4-fs error (device loop2): ext4_truncate:4637: inode #12: comm syz.2.2743: mark_inode_dirty error
[  167.553049][T11141] EXT4-fs error (device loop2) in ext4_process_orphan:343: Corrupt filesystem
[  167.567908][T11141] EXT4-fs (loop2): 1 truncate cleaned up
[  167.575225][T11141] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  167.605240][T11167] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=19 sclass=netlink_tcpdiag_socket pid=11167 comm=syz.3.2757
[  167.648590][T11141] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  167.675576][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.760869][    T9] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  167.768499][    T9] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  167.776014][    T9] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  167.783505][    T9] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  167.791003][    T9] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  167.798515][    T9] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  167.806147][    T9] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  167.813599][    T9] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  167.821021][    T9] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  167.835576][    T9] hid-generic 0000:0000:0000.0003: hidraw0: <UNKNOWN> HID v0.03 Device [syz1] on syz1
[  167.836803][T11174] UHID_CREATE from different security context by process 994 (syz.3.2759), this is not allowed.
[  167.891151][T11178] loop5: detected capacity change from 0 to 1024
[  167.915019][T11178] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  168.068719][T10109] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.127126][T11203] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2770'.
[  168.137600][T11203] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2770'.
[  168.149741][T11208] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2772'.
[  168.159481][T11203] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2770'.
[  168.159584][T11206] loop5: detected capacity change from 0 to 512
[  168.175997][T11204] loop3: detected capacity change from 0 to 1024
[  168.177251][T11206] EXT4-fs: Ignoring removed mblk_io_submit option
[  168.182937][T11204] EXT4-fs: dax option not supported
[  168.189802][T11206] EXT4-fs: Ignoring removed nomblk_io_submit option
[  168.201514][T11206] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  168.210069][T11206] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  168.219993][T11203] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2770'.
[  168.264921][   T29] kauditd_printk_skb: 416 callbacks suppressed
[  168.264935][   T29] audit: type=1326 audit(1759803682.029:7165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11211 comm="syz.0.2774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f339c4eeec9 code=0x7ffc0000
[  168.269397][    T9] hid-generic 0000:0000:0000.0004: hidraw0: <UNKNOWN> HID v0.03 Device [syz1] on syz1
[  168.271250][   T29] audit: type=1326 audit(1759803682.029:7166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11211 comm="syz.0.2774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f339c4eeec9 code=0x7ffc0000
[  168.271320][   T29] audit: type=1326 audit(1759803682.029:7167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11211 comm="syz.0.2774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f339c4eeec9 code=0x7ffc0000
[  168.328876][T11206] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4193: comm syz.5.2769: Allocating blocks 41-42 which overlap fs metadata
[  168.351655][   T29] audit: type=1326 audit(1759803682.029:7168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11211 comm="syz.0.2774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f339c4eeec9 code=0x7ffc0000
[  168.351723][   T29] audit: type=1326 audit(1759803682.029:7169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11211 comm="syz.0.2774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f339c4eeec9 code=0x7ffc0000
[  168.389540][   T29] audit: type=1326 audit(1759803682.069:7170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11211 comm="syz.0.2774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f339c4eeec9 code=0x7ffc0000
[  168.436156][   T29] audit: type=1326 audit(1759803682.069:7171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11211 comm="syz.0.2774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f339c4eeec9 code=0x7ffc0000
[  168.439857][T11206] Quota error (device loop5): write_blk: dquota write failed
[  168.459777][   T29] audit: type=1326 audit(1759803682.069:7172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11211 comm="syz.0.2774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=105 compat=0 ip=0x7f339c4eeec9 code=0x7ffc0000
[  168.468055][T11206] Quota error (device loop5): find_free_dqentry: Can't write quota data block 5
[  168.512065][T11206] EXT4-fs error (device loop5): ext4_acquire_dquot:6945: comm syz.5.2769: Failed to acquire dquot type 1
[  168.556720][T11206] EXT4-fs error (device loop5): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[  168.579611][T11206] EXT4-fs error (device loop5): ext4_do_update_inode:5624: inode #12: comm syz.5.2769: corrupted inode contents
[  168.591916][T11206] EXT4-fs error (device loop5): ext4_dirty_inode:6509: inode #12: comm syz.5.2769: mark_inode_dirty error
[  168.604003][T11206] EXT4-fs error (device loop5): ext4_do_update_inode:5624: inode #12: comm syz.5.2769: corrupted inode contents
[  168.626681][T11206] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #12: comm syz.5.2769: mark_inode_dirty error
[  168.643718][T11206] EXT4-fs error (device loop5): ext4_do_update_inode:5624: inode #12: comm syz.5.2769: corrupted inode contents
[  168.656700][T11206] EXT4-fs error (device loop5) in ext4_orphan_del:301: Corrupt filesystem
[  168.665657][T11206] EXT4-fs error (device loop5): ext4_do_update_inode:5624: inode #12: comm syz.5.2769: corrupted inode contents
[  168.678207][T11206] EXT4-fs error (device loop5): ext4_truncate:4637: inode #12: comm syz.5.2769: mark_inode_dirty error
[  168.694064][T11206] EXT4-fs error (device loop5) in ext4_process_orphan:343: Corrupt filesystem
[  168.704022][T11206] EXT4-fs (loop5): 1 truncate cleaned up
[  168.710491][T11206] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  168.728995][T11238] syz_tun: entered allmulticast mode
[  168.735291][T11238] syz_tun: left allmulticast mode
[  168.763803][ T3375] kernel write not supported for file /newroot/558/file0 (pid: 3375 comm: kworker/1:2)
[  168.783119][T11242] loop3: detected capacity change from 0 to 128
[  168.801090][T11242] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a842c018, mo2=0002]
[  168.809175][T11242] System zones: 1-3, 19-19, 35-36
[  168.815052][T11242] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  168.827387][T11242] ext4 filesystem being mounted at /432/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  168.832861][T11206] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  168.900177][ T5003] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  168.940869][T10109] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  169.018605][T11259] netlink: 'syz.0.2792': attribute type 12 has an invalid length.
[  169.637317][T11302] loop6: detected capacity change from 0 to 512
[  169.662894][T11302] EXT4-fs (loop6): orphan cleanup on readonly fs
[  169.672983][T11302] EXT4-fs error (device loop6): ext4_quota_enable:7136: comm syz.6.2810: inode #218103808: comm syz.6.2810: iget: illegal inode #
[  169.702905][T11302] EXT4-fs error (device loop6): ext4_quota_enable:7139: comm syz.6.2810: Bad quota inode: 218103808, type: 2
[  169.720688][T11302] EXT4-fs warning (device loop6): ext4_enable_quotas:7180: Failed to enable quota tracking (type=2, err=-117, ino=218103808). Please run e2fsck to fix.
[  169.774961][T11302] EXT4-fs (loop6): Cannot turn on quotas: error -117
[  169.782583][T11302] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  169.887198][T10328] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  169.922469][T11321] loop6: detected capacity change from 0 to 1024
[  169.929579][T11321] EXT4-fs (loop6): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  169.940612][T11321] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  169.951712][T11321] JBD2: no valid journal superblock found
[  169.957553][T11321] EXT4-fs (loop6): Could not load journal inode
[  170.028829][ T6083] hid-generic 0000:0000:0000.0005: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  170.141111][T11341] loop6: detected capacity change from 0 to 512
[  170.148247][T11341] FAT-fs (loop6): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  170.168226][T11341] FAT-fs (loop6): error, fat_get_cluster: invalid start cluster (i_pos 0, start 22000003)
[  170.178416][T11341] FAT-fs (loop6): Filesystem has been set read-only
[  170.811885][T11357] loop3: detected capacity change from 0 to 1024
[  170.851330][T11357] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  170.862397][T11357] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  170.898922][T11357] JBD2: no valid journal superblock found
[  170.904755][T11357] EXT4-fs (loop3): Could not load journal inode
[  171.202049][T11367] netlink: 'syz.0.2838': attribute type 1 has an invalid length.
[  171.209944][T11367] netlink: 'syz.0.2838': attribute type 4 has an invalid length.
[  171.217703][T11367] __nla_validate_parse: 2 callbacks suppressed
[  171.217724][T11367] netlink: 9462 bytes leftover after parsing attributes in process `syz.0.2838'.
[  171.260357][T11367] netlink: 'syz.0.2838': attribute type 1 has an invalid length.
[  171.268162][T11367] netlink: 'syz.0.2838': attribute type 4 has an invalid length.
[  171.275961][T11367] netlink: 9462 bytes leftover after parsing attributes in process `syz.0.2838'.
[  171.488883][T11381] loop3: detected capacity change from 0 to 128
[  172.935337][ T6083] hid_parser_main: 158 callbacks suppressed
[  172.935361][ T6083] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  173.009005][ T6083] hid-generic 0000:0000:0000.0006: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  173.250506][T11411] wireguard0: entered promiscuous mode
[  173.256049][T11411] wireguard0: entered allmulticast mode
[  173.355711][T11416] loop3: detected capacity change from 0 to 256
[  173.370459][T11416] vfat: Bad value for 'shortname'
[  173.570058][   T29] kauditd_printk_skb: 600 callbacks suppressed
[  173.570075][   T29] audit: type=1326 audit(1759803687.341:7772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11429 comm="syz.5.2864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99985eeec9 code=0x7ffc0000
[  173.612087][T11431] loop5: detected capacity change from 0 to 1024
[  173.626429][T11431] EXT4-fs: Ignoring removed bh option
[  173.640391][T11431] EXT4-fs (loop5): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  173.640491][T11430] pim6reg1: entered promiscuous mode
[  173.655556][T11430] pim6reg1: entered allmulticast mode
[  173.668653][   T29] audit: type=1326 audit(1759803687.371:7773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11429 comm="syz.5.2864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f99985eeec9 code=0x7ffc0000
[  173.692476][   T29] audit: type=1326 audit(1759803687.371:7774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11429 comm="syz.5.2864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99985eeec9 code=0x7ffc0000
[  173.716092][   T29] audit: type=1326 audit(1759803687.371:7775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11429 comm="syz.5.2864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99985eeec9 code=0x7ffc0000
[  173.739716][   T29] audit: type=1326 audit(1759803687.371:7776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11429 comm="syz.5.2864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f99985eeec9 code=0x7ffc0000
[  173.763307][   T29] audit: type=1326 audit(1759803687.371:7777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11429 comm="syz.5.2864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99985eeec9 code=0x7ffc0000
[  173.786813][   T29] audit: type=1326 audit(1759803687.371:7778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11429 comm="syz.5.2864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99985eeec9 code=0x7ffc0000
[  173.810361][   T29] audit: type=1326 audit(1759803687.371:7779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11429 comm="syz.5.2864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f99985eeec9 code=0x7ffc0000
[  173.833937][   T29] audit: type=1326 audit(1759803687.371:7780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11429 comm="syz.5.2864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99985eeec9 code=0x7ffc0000
[  173.857457][   T29] audit: type=1326 audit(1759803687.371:7781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11429 comm="syz.5.2864" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99985eeec9 code=0x7ffc0000
[  173.885001][T11431] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  173.939146][T10109] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  174.076441][T11446] loop5: detected capacity change from 0 to 1024
[  174.101189][T11446] EXT4-fs (loop5): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  174.123522][T11446] ext4 filesystem being mounted at /69/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  174.150418][T11446] EXT4-fs error (device loop5): ext4_map_blocks:814: inode #15: block 3: comm syz.5.2869: lblock 3 mapped to illegal pblock 3 (length 3)
[  174.165267][T11446] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[  174.177651][T11446] EXT4-fs (loop5): This should not happen!! Data will be lost
[  174.177651][T11446] 
[  174.194700][T11446] EXT4-fs error (device loop5): ext4_map_blocks:814: inode #15: comm syz.5.2869: lblock 0 mapped to illegal pblock 0 (length 1)
[  174.209356][T11446] EXT4-fs error (device loop5): ext4_ext_remove_space:2955: inode #15: comm syz.5.2869: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 3, max 4(4), depth 0(0)
[  174.241189][ T3698] EXT4-fs error (device loop5): ext4_map_blocks:814: inode #15: block 8: comm kworker/u8:11: lblock 8 mapped to illegal pblock 8 (length 8)
[  174.255985][T11455] loop3: detected capacity change from 0 to 128
[  174.265965][ T3698] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117
[  174.278858][ T3698] EXT4-fs (loop5): This should not happen!! Data will be lost
[  174.278858][ T3698] 
[  174.292293][T10109] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  174.295488][T11455] bio_check_eod: 156 callbacks suppressed
[  174.295507][T11455] syz.3.2871: attempt to access beyond end of device
[  174.295507][T11455] loop3: rw=0, sector=121, nr_sectors = 920 limit=128
[  174.348185][T11462] netlink: 'syz.5.2872': attribute type 1 has an invalid length.
[  174.364336][T11462] bond1: entered promiscuous mode
[  174.369493][T11462] bond1: entered allmulticast mode
[  174.387494][T11462] geneve2: entered allmulticast mode
[  174.400663][T11462] bond1: (slave geneve2): making interface the new active one
[  174.408223][T11462] geneve2: entered promiscuous mode
[  174.442911][T11466] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2872'.
[  174.458593][T11462] bond1: (slave geneve2): Enslaving as an active interface with an up link
[  174.468437][T11466] bond1: left promiscuous mode
[  174.473257][T11466] geneve2: left promiscuous mode
[  174.478392][T11466] bond1: left allmulticast mode
[  174.484303][T11466] 8021q: adding VLAN 0 to HW filter on device bond1
[  174.762278][T11481] loop3: detected capacity change from 0 to 512
[  174.804913][T11481] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  174.828392][T11481] EXT4-fs (loop3): orphan cleanup on readonly fs
[  174.836345][T11481] EXT4-fs error (device loop3): ext4_do_update_inode:5624: inode #16: comm syz.3.2882: corrupted inode contents
[  174.849228][T11481] EXT4-fs (loop3): Remounting filesystem read-only
[  174.855920][T11481] EXT4-fs (loop3): 1 truncate cleaned up
[  174.863050][ T3741] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  174.873744][ T3741] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  174.894362][T11485] bridge0: port 1(gretap0) entered blocking state
[  174.900884][T11485] bridge0: port 1(gretap0) entered disabled state
[  174.903263][ T3741] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[  174.918273][T11481] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  174.921944][T11485] gretap0: entered allmulticast mode
[  174.957824][T11485] gretap0: entered promiscuous mode
[  174.965267][ T5003] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  174.970380][T11485] bridge0: port 1(gretap0) entered blocking state
[  174.980773][T11485] bridge0: port 1(gretap0) entered forwarding state
[  174.997450][T11486] gretap0: left allmulticast mode
[  175.002615][T11486] gretap0: left promiscuous mode
[  175.007767][T11486] bridge0: port 1(gretap0) entered disabled state
[  175.136371][T11499] ref_ctr increment failed for inode: 0x150 offset: 0xb ref_ctr_offset: 0x82 of mm: 0xffff88811ac878c0
[  175.148175][T11499] ref_ctr increment failed for inode: 0x150 offset: 0xf ref_ctr_offset: 0x82 of mm: 0xffff88811ac878c0
[  175.207933][T11498] uprobe: syz.6.2889:11498 failed to unregister, leaking uprobe
[  175.321285][T11498] uprobe: syz.6.2889:11498 failed to unregister, leaking uprobe
[  175.558458][T11525] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2900'.
[  175.586052][T11533] lo speed is unknown, defaulting to 1000
[  175.601233][T11536] sch_tbf: burst 1821 is lower than device lo mtu (65550) !
[  175.609310][T11536] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2904'.
[  175.625169][T11525] 8021q: adding VLAN 0 to HW filter on device bond3
[  175.635142][T11525] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2900'.
[  175.654611][T11525] bond3 (unregistering): Released all slaves
[  175.751665][T11546] loop3: detected capacity change from 0 to 8192
[  175.764953][T11546] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  175.781185][T11550] kernel profiling enabled (shift: 63)
[  175.786705][T11550] profiling shift: 63 too large
[  175.823293][T11554] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2912'.
[  175.867963][T11555] loop3: detected capacity change from 8192 to 0
[  175.874588][    C1] I/O error, dev loop3, sector 1 op 0x1:(WRITE) flags 0x0 phys_seg 1 prio class 2
[  175.883860][    C1] Buffer I/O error on dev loop3, logical block 1, lost sync page write
[  175.892836][T11546] FAT-fs (loop3): FAT read failed (blocknr 1)
[  175.899685][T11546] FAT-fs (loop3): unable to read inode block for updating (i_pos 1050)
[  175.908362][T11546] Buffer I/O error on dev loop3, logical block 85, lost async page write
[  175.916987][T11546] Buffer I/O error on dev loop3, logical block 97, lost async page write
[  175.925774][T11546] Buffer I/O error on dev loop3, logical block 98, lost async page write
[  175.934582][T11546] Buffer I/O error on dev loop3, logical block 99, lost async page write
[  175.943383][T11546] Buffer I/O error on dev loop3, logical block 100, lost async page write
[  175.952176][T11546] Buffer I/O error on dev loop3, logical block 101, lost async page write
[  175.961027][T11546] Buffer I/O error on dev loop3, logical block 102, lost async page write
[  175.969722][T11546] Buffer I/O error on dev loop3, logical block 103, lost async page write
[  176.027511][T11568] loop2: detected capacity change from 0 to 512
[  176.038823][T11568] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  176.047090][T11568] EXT4-fs (loop2): orphan cleanup on readonly fs
[  176.055818][T11568] EXT4-fs error (device loop2): ext4_do_update_inode:5624: inode #16: comm syz.2.2917: corrupted inode contents
[  176.076960][ T5003] FAT-fs (loop3): Directory bread(block 65) failed
[  176.084250][ T5003] FAT-fs (loop3): Directory bread(block 66) failed
[  176.091347][ T5003] FAT-fs (loop3): Directory bread(block 67) failed
[  176.098374][ T5003] FAT-fs (loop3): Directory bread(block 68) failed
[  176.105091][ T5003] FAT-fs (loop3): Directory bread(block 69) failed
[  176.108309][T11568] EXT4-fs (loop2): Remounting filesystem read-only
[  176.112200][ T5003] FAT-fs (loop3): Directory bread(block 70) failed
[  176.125247][ T5003] FAT-fs (loop3): Directory bread(block 71) failed
[  176.140622][T11568] EXT4-fs (loop2): 1 truncate cleaned up
[  176.146541][ T3717] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  176.157165][ T3717] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  176.198551][ T3701] FAT-fs (loop3): unable to read inode block for updating (i_pos 1050)
[  176.205224][ T3717] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[  176.217781][ T5003] FAT-fs (loop3): unable to read inode block for updating (i_pos 1050)
[  176.226472][ T5003] FAT-fs (loop3): unable to read inode block for updating (i_pos 1050)
[  176.234775][ T5003] FAT-fs (loop3): Failed to update on disk inode for unused fallocated blocks, inode could be corrupted. Please run fsck
[  176.248446][T11568] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  176.279093][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  176.396519][T11585] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2924'.
[  176.419340][T11585] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2924'.
[  176.484042][T11600] netlink: 'syz.5.2927': attribute type 30 has an invalid length.
[  176.494354][T11585] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2924'.
[  176.531224][T11575] lo speed is unknown, defaulting to 1000
[  176.587491][T11575] chnl_net:caif_netlink_parms(): no params data found
[  176.639355][T11575] bridge0: port 1(bridge_slave_0) entered blocking state
[  176.646509][T11575] bridge0: port 1(bridge_slave_0) entered disabled state
[  176.653829][T11575] bridge_slave_0: entered allmulticast mode
[  176.660593][T11575] bridge_slave_0: entered promiscuous mode
[  176.677247][T11575] bridge0: port 2(bridge_slave_1) entered blocking state
[  176.684440][T11575] bridge0: port 2(bridge_slave_1) entered disabled state
[  176.698998][T11575] bridge_slave_1: entered allmulticast mode
[  176.706157][T11575] bridge_slave_1: entered promiscuous mode
[  176.799334][T11575] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  176.825385][T11575] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  176.860884][T11575] team0: Port device team_slave_0 added
[  176.868124][T11575] team0: Port device team_slave_1 added
[  176.891439][T11575] batman_adv: batadv0: Adding interface: batadv_slave_0
[  176.898640][T11575] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  176.924835][T11575] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  176.936807][T11575] batman_adv: batadv0: Adding interface: batadv_slave_1
[  176.943881][T11575] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  176.970170][T11575] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  177.003698][T11575] hsr_slave_0: entered promiscuous mode
[  177.010044][T11575] hsr_slave_1: entered promiscuous mode
[  177.016138][T11575] debugfs: 'hsr0' already exists in 'hsr'
[  177.022010][T11575] Cannot create hsr debugfs directory
[  177.226262][T11636] xt_l2tp: missing protocol rule (udp|l2tpip)
[  177.334291][T11575] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  177.362439][T11575] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  177.381202][T11575] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  177.393510][T11575] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  177.409953][T11639] bridge0: port 1(gretap0) entered blocking state
[  177.416513][T11639] bridge0: port 1(gretap0) entered disabled state
[  177.424817][T11639] gretap0: entered promiscuous mode
[  177.431136][T11639] bridge0: port 1(gretap0) entered blocking state
[  177.437673][T11639] bridge0: port 1(gretap0) entered forwarding state
[  177.455824][T11639] gretap0: left promiscuous mode
[  177.461642][T11639] bridge0: port 1(gretap0) entered disabled state
[  177.524118][T11575] 8021q: adding VLAN 0 to HW filter on device bond0
[  177.581297][T11575] 8021q: adding VLAN 0 to HW filter on device team0
[  177.607384][ T3721] bridge0: port 1(bridge_slave_0) entered blocking state
[  177.614509][ T3721] bridge0: port 1(bridge_slave_0) entered forwarding state
[  177.652421][ T3750] bridge0: port 2(bridge_slave_1) entered blocking state
[  177.659577][ T3750] bridge0: port 2(bridge_slave_1) entered forwarding state
[  177.677280][T11649] loop2: detected capacity change from 0 to 1024
[  177.692974][T11649] EXT4-fs: Ignoring removed orlov option
[  177.729700][T11649] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  177.745147][T11575] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  177.804263][ T3751] bridge_slave_1: left allmulticast mode
[  177.809991][ T3751] bridge_slave_1: left promiscuous mode
[  177.815798][ T3751] bridge0: port 2(bridge_slave_1) entered disabled state
[  177.839259][T11649] ext4 filesystem being mounted at /584/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  177.864929][T11649] EXT4-fs (loop2): re-mounted 00000000-0000-0006-0000-000000000000.
[  177.887027][ T3751] bridge_slave_0: left promiscuous mode
[  177.892872][ T3751] bridge0: port 1(bridge_slave_0) entered disabled state
[  177.905794][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  177.933897][ T3751] bond1 (unregistering): (slave ip6gretap1): Releasing backup interface
[  177.956137][ T3751] bond0 (unregistering): (slave ip6erspan0): Releasing active interface
[  177.980442][T11663] loop5: detected capacity change from 0 to 512
[  177.990604][T11663] EXT4-fs: Ignoring removed bh option
[  178.007121][T11663] EXT4-fs: Ignoring removed mblk_io_submit option
[  178.014545][T11663] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  178.026897][ T3751] dvmrp8 (unregistering): left allmulticast mode
[  178.040312][T11663] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  178.049270][T11663] EXT4-fs (loop5): orphan cleanup on readonly fs
[  178.060826][T11663] EXT4-fs error (device loop5): ext4_acquire_dquot:6945: comm syz.5.2946: Failed to acquire dquot type 1
[  178.084685][T11663] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:483: comm syz.5.2946: Invalid block bitmap block 0 in block_group 0
[  178.102676][T11663] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:483: comm syz.5.2946: Invalid block bitmap block 0 in block_group 0
[  178.118318][T11663] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:483: comm syz.5.2946: Invalid block bitmap block 0 in block_group 0
[  178.140425][T11663] EXT4-fs error (device loop5): ext4_acquire_dquot:6945: comm syz.5.2946: Failed to acquire dquot type 1
[  178.155903][T11663] EXT4-fs error (device loop5): ext4_acquire_dquot:6945: comm syz.5.2946: Failed to acquire dquot type 1
[  178.170997][T11663] EXT4-fs (loop5): 1 orphan inode deleted
[  178.186049][T11663] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  178.251226][ T3751] $Hÿ (unregistering): (slave bond_slave_0): Releasing backup interface
[  178.261569][ T3751] bond_slave_0: left promiscuous mode
[  178.268260][ T3751] $Hÿ (unregistering): (slave bond_slave_1): Releasing backup interface
[  178.278164][ T3751] bond_slave_1: left promiscuous mode
[  178.285385][ T3751] $Hÿ (unregistering): Released all slaves
[  178.295810][ T3751] bond1 (unregistering): Released all slaves
[  178.306029][ T3751] bond0 (unregistering): Released all slaves
[  178.316077][ T3751] bond2 (unregistering): Released all slaves
[  178.341976][T11659] netdevsim netdevsim6 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  178.378887][T11575] 8021q: adding VLAN 0 to HW filter on device batadv0
[  178.399305][ T3751] hsr_slave_0: left promiscuous mode
[  178.417161][ T3751] hsr_slave_1: left promiscuous mode
[  178.423311][ T3751] batman_adv: batadv0: Removing interface: batadv_slave_0
[  178.431946][ T3751] batman_adv: batadv0: Removing interface: batadv_slave_1
[  178.463423][ T3751] team0 (unregistering): Port device team_slave_1 removed
[  178.475270][ T3751] team0 (unregistering): Port device team_slave_0 removed
[  178.513466][T11659] netdevsim netdevsim6 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  178.599254][T11659] netdevsim netdevsim6 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  178.639945][T10109] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  178.660628][T11659] netdevsim netdevsim6 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  178.681347][T11575] veth0_vlan: entered promiscuous mode
[  178.691166][T11575] veth1_vlan: entered promiscuous mode
[  178.722632][T11575] veth0_macvtap: entered promiscuous mode
[  178.736609][T11575] veth1_macvtap: entered promiscuous mode
[  178.750330][ T3750] netdevsim netdevsim6 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  178.795669][ T3750] netdevsim netdevsim6 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  178.806793][T11575] batman_adv: batadv0: Interface activated: batadv_slave_0
[  178.842767][ T3750] netdevsim netdevsim6 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  178.854810][ T3750] netdevsim netdevsim6 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  178.864768][T11575] batman_adv: batadv0: Interface activated: batadv_slave_1
[  178.885103][   T29] kauditd_printk_skb: 735 callbacks suppressed
[  178.885118][   T29] audit: type=1400 audit(1759803692.653:8499): avc:  denied  { mounton } for  pid=11694 comm="syz.6.2955" path="/76/file1" dev="tmpfs" ino=414 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=fifo_file permissive=1
[  178.917043][ T3750] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  178.926140][ T3750] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  178.964520][ T3750] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  178.974325][ T3750] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  179.062001][   T29] audit: type=1326 audit(1759803692.833:8500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11702 comm="syz.5.2957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99985eeec9 code=0x7ffc0000
[  179.078742][T11703] loop5: detected capacity change from 0 to 512
[  179.085997][   T29] audit: type=1326 audit(1759803692.833:8501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11702 comm="syz.5.2957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99985eeec9 code=0x7ffc0000
[  179.094281][T11703] EXT4-fs: Ignoring removed mblk_io_submit option
[  179.168474][   T29] audit: type=1326 audit(1759803692.833:8502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11702 comm="syz.5.2957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f99985eeec9 code=0x7ffc0000
[  179.196477][   T29] audit: type=1326 audit(1759803692.833:8503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11702 comm="syz.5.2957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99985eeec9 code=0x7ffc0000
[  179.224625][   T29] audit: type=1326 audit(1759803692.833:8504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11702 comm="syz.5.2957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f99985eeec9 code=0x7ffc0000
[  179.249251][   T29] audit: type=1326 audit(1759803692.833:8505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11702 comm="syz.5.2957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99985eeec9 code=0x7ffc0000
[  179.275569][   T29] audit: type=1326 audit(1759803692.833:8506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11702 comm="syz.5.2957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f99985eeec9 code=0x7ffc0000
[  179.302476][   T29] audit: type=1326 audit(1759803692.833:8507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11702 comm="syz.5.2957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99985eeec9 code=0x7ffc0000
[  179.327372][   T29] audit: type=1326 audit(1759803692.833:8508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11702 comm="syz.5.2957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99985eeec9 code=0x7ffc0000
[  179.384027][T11703] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  179.397049][T11703] ext4 filesystem being mounted at /84/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  179.482486][T11703] EXT4-fs error (device loop5): ext4_xattr_block_get:597: inode #15: comm syz.5.2957: corrupted xattr block 33: e_value out of bounds
[  179.532055][T11703] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop5 ino=15
[  179.542662][T11703] EXT4-fs error (device loop5): ext4_xattr_block_get:597: inode #15: comm syz.5.2957: corrupted xattr block 33: e_value out of bounds
[  179.562389][T11703] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop5 ino=15
[  179.592085][T11703] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  179.618912][T11715] cgroup: fork rejected by pids controller in /syz0
[  179.626183][T11703] EXT4-fs error (device loop5): ext4_xattr_delete_inode:2967: inode #15: comm syz.5.2957: corrupted xattr block 33: e_value out of bounds
[  179.650506][T11717] pim6reg1: entered promiscuous mode
[  179.656515][T11717] pim6reg1: entered allmulticast mode
[  179.734727][T11703] EXT4-fs warning (device loop5): ext4_evict_inode:274: xattr delete (err -117)
[  179.776395][T10109] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  179.823380][T11727] netlink: 'syz.7.2967': attribute type 10 has an invalid length.
[  179.864411][T11727] team0: Port device dummy0 added
[  179.885025][T11727] netlink: 'syz.7.2967': attribute type 10 has an invalid length.
[  179.908933][T11727] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  179.938785][T11727] team0: Failed to send options change via netlink (err -105)
[  179.963148][T11727] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  180.007337][T11727] team0: Port device dummy0 removed
[  180.025084][T11727] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  180.135299][T11757] netlink: 'syz.7.2979': attribute type 12 has an invalid length.
[  180.218130][T11763] syz_tun: entered allmulticast mode
[  180.224070][T11763] syz_tun: left allmulticast mode
[  180.231036][ T3709] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  180.298156][ T3709] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  180.378850][ T3709] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  180.448324][ T3709] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  180.462713][T11779] pim6reg1: entered promiscuous mode
[  180.468332][T11779] pim6reg1: entered allmulticast mode
[  180.498590][T11782] netlink: 'syz.6.2987': attribute type 6 has an invalid length.
[  180.570903][ T3709] dvmrp8 (unregistering): left allmulticast mode
[  180.581105][ T3709] team0: Port device geneve1 removed
[  180.829314][ T3709] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  180.839018][ T3709] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  180.848037][ T3709] bond0 (unregistering): Released all slaves
[  180.858738][ T3709] bond1 (unregistering): Released all slaves
[  180.877750][ T3709] bond2 (unregistering): Released all slaves
[  180.894644][ T3709] bond3 (unregistering): Released all slaves
[  180.906951][ T3709] bond4 (unregistering): Released all slaves
[  180.913276][T11791] loop5: detected capacity change from 0 to 128
[  180.998481][ T3709] tipc: Disabling bearer <udp:s>
[  181.003608][ T3709] tipc: Disabling bearer <udp:£>
[  181.008998][ T3709] tipc: Left network mode
[  181.059211][ T3709] batman_adv: batadv0: Removing interface: batadv_slave_0
[  181.068679][ T3709] batman_adv: batadv0: Removing interface: batadv_slave_1
[  181.100046][ T3709] team0 (unregistering): Port device team_slave_1 removed
[  181.146075][T11768] chnl_net:caif_netlink_parms(): no params data found
[  181.188319][T11815] netlink: 'syz.2.3000': attribute type 12 has an invalid length.
[  181.237925][T11768] bridge0: port 1(bridge_slave_0) entered blocking state
[  181.245275][T11768] bridge0: port 1(bridge_slave_0) entered disabled state
[  181.258518][T11768] bridge_slave_0: entered allmulticast mode
[  181.265565][T11768] bridge_slave_0: entered promiscuous mode
[  181.273978][T11768] bridge0: port 2(bridge_slave_1) entered blocking state
[  181.281310][T11768] bridge0: port 2(bridge_slave_1) entered disabled state
[  181.288758][T11768] bridge_slave_1: entered allmulticast mode
[  181.296951][T11768] bridge_slave_1: entered promiscuous mode
[  181.338472][T11768] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  181.367601][T11768] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  181.443998][T11768] team0: Port device team_slave_0 added
[  181.451054][T11768] team0: Port device team_slave_1 added
[  181.537378][T11835] loop2: detected capacity change from 0 to 512
[  181.544156][T11835] EXT4-fs: Ignoring removed nobh option
[  181.573551][T11768] batman_adv: batadv0: Adding interface: batadv_slave_0
[  181.581294][T11768] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  181.608304][T11768] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  181.620669][T11768] batman_adv: batadv0: Adding interface: batadv_slave_1
[  181.627409][T11835] EXT4-fs error (device loop2): ext4_do_update_inode:5624: inode #3: comm syz.2.3006: corrupted inode contents
[  181.627825][T11768] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  181.666400][T11768] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  181.678294][T11835] EXT4-fs (loop2): Remounting filesystem read-only
[  181.679811][T11839] lo: entered allmulticast mode
[  181.691683][T11839] tunl0: entered allmulticast mode
[  181.698707][T11839] gre0: entered allmulticast mode
[  181.705662][T11839] gretap0: entered allmulticast mode
[  181.712330][T11839] erspan0: entered allmulticast mode
[  181.718015][T11835] EXT4-fs (loop2): 1 truncate cleaned up
[  181.718620][T11839] ip_vti0: entered allmulticast mode
[  181.730565][T11839] ip6_vti0: entered allmulticast mode
[  181.738484][T11839] sit0: entered allmulticast mode
[  181.745279][T11839] ip6tnl0: entered allmulticast mode
[  181.752107][T11839] ip6gre0: entered allmulticast mode
[  181.756930][T11835] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  181.759017][T11839] syz_tun: entered allmulticast mode
[  181.779950][T11839] ip6gretap0: entered allmulticast mode
[  181.786522][T11839] vcan0: entered allmulticast mode
[  181.792909][T11839] bond0: entered allmulticast mode
[  181.798815][T11839] bond_slave_0: entered allmulticast mode
[  181.804595][T11839] bond_slave_1: entered allmulticast mode
[  181.808040][T11835] ext4 filesystem being mounted at /594/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  181.812087][T11839] team0: entered allmulticast mode
[  181.826072][T11839] team_slave_0: entered allmulticast mode
[  181.832582][T11839] team_slave_1: entered allmulticast mode
[  181.839500][T11835] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  181.851695][T11839] dummy0: entered allmulticast mode
[  181.860028][T11839] nlmon0: entered allmulticast mode
[  181.877489][T11839] caif0: entered allmulticast mode
[  181.882722][T11839] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  181.939070][T11768] hsr_slave_0: entered promiscuous mode
[  181.947010][T11768] hsr_slave_1: entered promiscuous mode
[  182.095390][T11851] netlink: 'syz.7.3012': attribute type 1 has an invalid length.
[  182.104519][T11851] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3012'.
[  182.165397][T11853] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3013'.
[  182.263001][T11859] syzkaller0: entered promiscuous mode
[  182.268702][T11859] syzkaller0: entered allmulticast mode
[  182.310240][T11864] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  182.318090][T11863] tipc: Resetting bearer <eth:syzkaller0>
[  182.342899][T11863] tipc: Disabling bearer <eth:syzkaller0>
[  182.384741][T11768] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  182.413341][T11768] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  182.445321][T11868] netlink: 'syz.2.3020': attribute type 7 has an invalid length.
[  182.453526][T11868] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3020'.
[  182.462793][T11768] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  182.479225][T11768] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  182.508105][T11868] bridge8: port 1(bond3) entered blocking state
[  182.514892][T11868] bridge8: port 1(bond3) entered disabled state
[  182.523253][T11868] bond3: entered allmulticast mode
[  182.614156][T11768] 8021q: adding VLAN 0 to HW filter on device bond0
[  182.629790][T11768] 8021q: adding VLAN 0 to HW filter on device team0
[  182.629862][T11882] loop5: detected capacity change from 0 to 512
[  182.647250][T11882] EXT4-fs (loop5): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  182.665620][ T3709] bridge0: port 1(bridge_slave_0) entered blocking state
[  182.672803][ T3709] bridge0: port 1(bridge_slave_0) entered forwarding state
[  182.683120][T11882] EXT4-fs warning (device loop5): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  182.720110][T10109] EXT4-fs (loop5): unmounting filesystem 00800000-0000-0000-0000-000000000000.
[  182.721474][T11888] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3025'.
[  182.752885][ T3701] bridge0: port 2(bridge_slave_1) entered blocking state
[  182.760098][ T3701] bridge0: port 2(bridge_slave_1) entered forwarding state
[  182.962265][T11768] 8021q: adding VLAN 0 to HW filter on device batadv0
[  183.130093][T11768] veth0_vlan: entered promiscuous mode
[  183.143798][T11768] veth1_vlan: entered promiscuous mode
[  183.160697][T11768] veth0_macvtap: entered promiscuous mode
[  183.171674][T11914] loop6: detected capacity change from 0 to 512
[  183.175291][T11768] veth1_macvtap: entered promiscuous mode
[  183.190288][T11914] EXT4-fs: Ignoring removed bh option
[  183.196065][T11914] EXT4-fs: Ignoring removed mblk_io_submit option
[  183.204027][T11914] EXT4-fs (loop6): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  183.212430][T11768] batman_adv: batadv0: Interface activated: batadv_slave_0
[  183.222664][T11914] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  183.223368][T11768] batman_adv: batadv0: Interface activated: batadv_slave_1
[  183.241989][T11914] EXT4-fs (loop6): orphan cleanup on readonly fs
[  183.251414][T11914] EXT4-fs error (device loop6): ext4_acquire_dquot:6945: comm syz.6.3033: Failed to acquire dquot type 1
[  183.268971][ T3750] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  183.280059][ T3750] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  183.289885][ T3750] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  183.294563][T11914] EXT4-fs error (device loop6): ext4_read_block_bitmap_nowait:483: comm syz.6.3033: Invalid block bitmap block 0 in block_group 0
[  183.313773][ T3750] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  183.349368][T11914] EXT4-fs error (device loop6): ext4_read_block_bitmap_nowait:483: comm syz.6.3033: Invalid block bitmap block 0 in block_group 0
[  183.364068][T11931] geneve0: entered allmulticast mode
[  183.369901][T11914] EXT4-fs error (device loop6): ext4_read_block_bitmap_nowait:483: comm syz.6.3033: Invalid block bitmap block 0 in block_group 0
[  183.429477][T11914] EXT4-fs error (device loop6): ext4_acquire_dquot:6945: comm syz.6.3033: Failed to acquire dquot type 1
[  183.442986][T11914] EXT4-fs error (device loop6): ext4_acquire_dquot:6945: comm syz.6.3033: Failed to acquire dquot type 1
[  183.455780][T11914] EXT4-fs (loop6): 1 orphan inode deleted
[  183.463189][T11914] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  183.483273][T11939] loop2: detected capacity change from 0 to 512
[  183.497863][T11939] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.3038: bg 0: block 248: padding at end of block bitmap is not set
[  183.512522][T11939] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.3038: Failed to acquire dquot type 1
[  183.524568][T11939] EXT4-fs (loop2): 1 truncate cleaned up
[  183.530829][T11939] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  183.543505][T11939] ext4 filesystem being mounted at /605/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  183.562632][T11939] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.3038: Failed to acquire dquot type 1
[  183.571448][T11945] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2983'.
[  183.612239][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  183.625151][T11948] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3051'.
[  183.635131][ T3701] EXT4-fs error (device loop2): ext4_release_dquot:6981: comm kworker/u8:14: Failed to release dquot type 1
[  183.794886][T11963] wireguard0: entered promiscuous mode
[  183.800558][T11963] wireguard0: entered allmulticast mode
[  183.897525][T10328] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  183.962851][T11979] netlink: 96 bytes leftover after parsing attributes in process `syz.0.3055'.
[  183.989166][T11982] loop6: detected capacity change from 0 to 764
[  184.046829][   T29] kauditd_printk_skb: 1037 callbacks suppressed
[  184.046847][   T29] audit: type=1326 audit(1759803697.814:9532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11987 comm="syz.6.3060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3e081eec9 code=0x7ffc0000
[  184.076664][   T29] audit: type=1326 audit(1759803697.814:9533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11987 comm="syz.6.3060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3e081eec9 code=0x7ffc0000
[  184.089803][T11992] netlink: 28 bytes leftover after parsing attributes in process `syz.7.3062'.
[  184.111817][   T29] audit: type=1326 audit(1759803697.874:9534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11987 comm="syz.6.3060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc3e081eec9 code=0x7ffc0000
[  184.135536][   T29] audit: type=1326 audit(1759803697.874:9535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11987 comm="syz.6.3060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3e081eec9 code=0x7ffc0000
[  184.135628][   T29] audit: type=1326 audit(1759803697.874:9536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11987 comm="syz.6.3060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3e081eec9 code=0x7ffc0000
[  184.149460][T11992] bridge0: port 2(bridge_slave_1) entered disabled state
[  184.195702][   T29] audit: type=1326 audit(1759803697.884:9537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11987 comm="syz.6.3060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fc3e081eec9 code=0x7ffc0000
[  184.220363][   T29] audit: type=1326 audit(1759803697.884:9538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11987 comm="syz.6.3060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3e081eec9 code=0x7ffc0000
[  184.240704][T11990] loop5: detected capacity change from 0 to 512
[  184.243961][   T29] audit: type=1326 audit(1759803697.884:9539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11987 comm="syz.6.3060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3e081eec9 code=0x7ffc0000
[  184.251376][T11992] bridge_slave_1: left allmulticast mode
[  184.274464][   T29] audit: type=1326 audit(1759803697.884:9540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11987 comm="syz.6.3060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=248 compat=0 ip=0x7fc3e081eec9 code=0x7ffc0000
[  184.274502][   T29] audit: type=1326 audit(1759803697.884:9541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11987 comm="syz.6.3060" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3e081eec9 code=0x7ffc0000
[  184.280188][T11992] bridge_slave_1: left promiscuous mode
[  184.280333][T11992] bridge0: port 2(bridge_slave_1) entered disabled state
[  184.370058][T11990] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  184.432352][T10109] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  184.542424][T12019] loop7: detected capacity change from 0 to 512
[  184.558176][T12019] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  184.570979][T12019] ext4 filesystem being mounted at /27/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  184.599336][T11575] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  184.705610][T12035] bridge0: port 1(bridge_slave_0) entered disabled state
[  184.741986][T12037] loop2: detected capacity change from 0 to 1024
[  184.747796][T12035] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  184.750132][T12037] EXT4-fs: Ignoring removed nobh option
[  184.758830][T12035] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  184.761458][T12037] EXT4-fs: Ignoring removed bh option
[  184.775837][T12037] EXT4-fs (loop2): stripe (8) is not aligned with cluster size (16), stripe is disabled
[  184.800373][ T3709] netdevsim netdevsim7 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  184.810292][ T3740] netdevsim netdevsim7 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  184.820374][ T3740] netdevsim netdevsim7 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  184.830575][T12037] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  184.843174][ T3740] netdevsim netdevsim7 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  184.897757][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  185.012640][T12059] netlink: 'syz.2.3086': attribute type 4 has an invalid length.
[  185.038004][T12059] netlink: 'syz.2.3086': attribute type 4 has an invalid length.
[  185.127708][T12068] netlink: 16186 bytes leftover after parsing attributes in process `syz.6.3087'.
[  185.138399][T12067] loop2: detected capacity change from 0 to 8192
[  185.357520][T12076] netlink: 156 bytes leftover after parsing attributes in process `syz.2.3092'.
[  185.858528][T12096] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  185.913986][T12098] loop6: detected capacity change from 0 to 1024
[  185.921357][T12098] EXT4-fs: inline encryption not supported
[  185.937055][T12098] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  185.975822][T10328] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  186.007909][T12104] netlink: 'syz.0.3101': attribute type 3 has an invalid length.
[  186.016180][T12104] netlink: 'syz.0.3101': attribute type 3 has an invalid length.
[  186.031868][T12106] loop6: detected capacity change from 0 to 512
[  186.048861][T12108] syzkaller1: entered promiscuous mode
[  186.054375][T12108] syzkaller1: entered allmulticast mode
[  186.244021][T12119] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  186.351169][T12125] loop2: detected capacity change from 0 to 512
[  186.389135][T12125] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  186.404615][T12125] EXT4-fs error (device loop2): ext4_iget_extra_inode:5075: inode #15: comm syz.2.3112: corrupted in-inode xattr: overlapping e_value 
[  186.419758][T12125] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.3112: couldn't read orphan inode 15 (err -117)
[  186.452177][T12131] loop5: detected capacity change from 0 to 1024
[  186.463738][T12131] EXT4-fs: inline encryption not supported
[  186.465194][T12127] bridge0: port 2(bridge_slave_1) entered disabled state
[  186.477278][T12127] bridge0: port 1(bridge_slave_0) entered disabled state
[  186.532180][T12127] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  186.550296][T12127] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  186.610881][T12136] 8021q: adding VLAN 0 to HW filter on device bond2
[  186.620315][ T3701] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  186.629517][T12138] netlink: 'syz.2.3116': attribute type 3 has an invalid length.
[  186.639433][T12138] netlink: 'syz.2.3116': attribute type 3 has an invalid length.
[  186.660728][T12136] bond2 (unregistering): Released all slaves
[  186.675202][ T3701] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  186.707634][ T3701] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  186.732078][ T3701] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  186.757261][T12150] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  186.856874][T12157] hub 9-0:1.0: USB hub found
[  186.863238][T12157] hub 9-0:1.0: 8 ports detected
[  186.923494][T12165] 8021q: adding VLAN 0 to HW filter on device bond1
[  186.938548][T12165] bond1 (unregistering): Released all slaves
[  187.490404][T12179] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  187.759362][T12188] loop7: detected capacity change from 0 to 1024
[  187.766606][T12189] wireguard0: entered promiscuous mode
[  187.767116][T12188] EXT4-fs: inline encryption not supported
[  187.772089][T12189] wireguard0: entered allmulticast mode
[  187.910999][T12197] __nla_validate_parse: 5 callbacks suppressed
[  187.911019][T12197] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3139'.
[  187.933951][T12201] netlink: 14593 bytes leftover after parsing attributes in process `syz.0.3138'.
[  187.959634][T12203] serio: Serial port ptm1
[  188.051791][T12212] loop2: detected capacity change from 0 to 128
[  188.132771][T12218] loop7: detected capacity change from 0 to 512
[  188.156904][T12218] ext4 filesystem being mounted at /49/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  188.319291][T12226] netlink: 'syz.5.3152': attribute type 4 has an invalid length.
[  188.343202][T12226] netlink: 'syz.5.3152': attribute type 4 has an invalid length.
[  188.472002][T12235] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3155'.
[  188.572626][T12237] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3156'.
[  188.719401][T12241] loop6: detected capacity change from 0 to 128
[  188.728807][T12241] ext4 filesystem being mounted at /116/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  188.791146][T12247] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3160'.
[  188.871607][T12255] loop6: detected capacity change from 0 to 512
[  188.886512][T12255] ext4 filesystem being mounted at /119/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  188.979500][T12267] netlink: 'syz.2.3168': attribute type 4 has an invalid length.
[  188.987337][T12267] netlink: 152 bytes leftover after parsing attributes in process `syz.2.3168'.
[  189.008511][T12267] .`: renamed from bond0 (while UP)
[  189.041967][T12271] loop0: detected capacity change from 0 to 512
[  189.064741][T12271] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  189.066284][T12273] loop2: detected capacity change from 0 to 512
[  189.087393][T12273] ext4 filesystem being mounted at /636/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  189.099352][T12273] EXT4-fs error (device loop2): ext4_do_update_inode:5624: inode #2: comm syz.2.3170: corrupted inode contents
[  189.112088][T12273] EXT4-fs error (device loop2): ext4_dirty_inode:6509: inode #2: comm syz.2.3170: mark_inode_dirty error
[  189.124025][T12273] EXT4-fs error (device loop2): ext4_do_update_inode:5624: inode #2: comm syz.2.3170: corrupted inode contents
[  189.137178][T12271] EXT4-fs (loop0): 1 truncate cleaned up
[  189.137798][T12273] EXT4-fs error (device loop2): ext4_do_update_inode:5624: inode #2: comm syz.2.3170: corrupted inode contents
[  189.155361][T12273] EXT4-fs error (device loop2): ext4_dirty_inode:6509: inode #2: comm syz.2.3170: mark_inode_dirty error
[  189.167531][   T29] kauditd_printk_skb: 117 callbacks suppressed
[  189.167545][   T29] audit: type=1400 audit(1759803702.935:9659): avc:  denied  { rename } for  pid=12270 comm="syz.0.3169" name="file0" dev="loop0" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  189.197685][T12273] EXT4-fs error (device loop2): ext4_do_update_inode:5624: inode #2: comm syz.2.3170: corrupted inode contents
[  189.227897][T12273] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #2: comm syz.2.3170: mark_inode_dirty error
[  189.244607][T12273] EXT4-fs error (device loop2): ext4_do_update_inode:5624: inode #2: comm syz.2.3170: corrupted inode contents
[  189.258244][T12273] EXT4-fs error (device loop2): ext4_dirty_inode:6509: inode #2: comm syz.2.3170: mark_inode_dirty error
[  189.283534][T12281] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  189.283736][   T29] audit: type=1326 audit(1759803703.045:9660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12282 comm="syz.7.3174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c74cfeec9 code=0x7ffc0000
[  189.317676][   T29] audit: type=1326 audit(1759803703.045:9661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12282 comm="syz.7.3174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c74cfeec9 code=0x7ffc0000
[  189.351995][   T29] audit: type=1326 audit(1759803703.065:9662): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12285 comm="syz.0.3173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd08c1eec9 code=0x7ffc0000
[  189.375614][   T29] audit: type=1326 audit(1759803703.065:9663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12285 comm="syz.0.3173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=277 compat=0 ip=0x7efd08c1eec9 code=0x7ffc0000
[  189.399248][   T29] audit: type=1326 audit(1759803703.065:9664): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12285 comm="syz.0.3173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd08c1eec9 code=0x7ffc0000
[  189.422843][   T29] audit: type=1326 audit(1759803703.065:9665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12285 comm="syz.0.3173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7efd08c1eec9 code=0x7ffc0000
[  189.446544][   T29] audit: type=1326 audit(1759803703.095:9666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12288 comm="syz.0.3173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7efd08c51785 code=0x7ffc0000
[  189.470051][   T29] audit: type=1326 audit(1759803703.095:9667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12282 comm="syz.7.3174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1c74cfeec9 code=0x7ffc0000
[  189.493716][   T29] audit: type=1326 audit(1759803703.095:9668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12282 comm="syz.7.3174" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c74cfeec9 code=0x7ffc0000
[  189.532584][T12295] loop2: detected capacity change from 0 to 512
[  189.542546][T12281] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  189.560929][T12295] ext4 filesystem being mounted at /637/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  189.586698][T12281] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  189.659324][T12281] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  189.715152][ T3709] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  189.744619][ T3709] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  189.753189][ T3709] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  189.762545][ T3709] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  190.002352][T12321] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3197'.
[  190.014549][T12323] wireguard0: entered promiscuous mode
[  190.020249][T12323] wireguard0: entered allmulticast mode
[  190.046142][T12326] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3188'.
[  190.101405][T12334] sch_fq: defrate 0 ignored.
[  190.107510][T12332] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3192'.
[  190.124788][T12332] team1: entered promiscuous mode
[  190.130740][T12332] team1: entered allmulticast mode
[  190.136922][T12332] 8021q: adding VLAN 0 to HW filter on device team1
[  190.167543][T12339] loop0: detected capacity change from 0 to 1024
[  190.410529][T12362] loop2: detected capacity change from 0 to 512
[  190.431315][T12362] EXT4-fs error (device loop2): ext4_xattr_inode_iget:446: comm syz.2.3204: error while reading EA inode 32 err=-116
[  190.444910][T12362] EXT4-fs (loop2): Remounting filesystem read-only
[  190.451632][T12362] EXT4-fs warning (device loop2): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  190.472277][T12362] EXT4-fs (loop2): 1 orphan inode deleted
[  190.512661][T12369] netlink: 'syz.0.3206': attribute type 2 has an invalid length.
[  190.682206][T12376] wireguard0: entered promiscuous mode
[  190.687792][T12376] wireguard0: entered allmulticast mode
[  190.955715][T12399] loop5: detected capacity change from 0 to 512
[  190.962893][T12399] EXT4-fs (loop5): external journal device major/minor numbers have changed
[  190.971899][T12399] EXT4-fs (loop5): couldn't read superblock of external journal
[  191.011821][T12401] loop5: detected capacity change from 0 to 512
[  191.021427][T12401] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  191.036508][T12401] EXT4-fs error (device loop5): ext4_validate_block_bitmap:432: comm syz.5.3220: bg 0: block 104: invalid block bitmap
[  191.064988][T12401] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  191.084841][T12401] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.3220: invalid indirect mapped block 1 (level 1)
[  191.108380][T12401] EXT4-fs (loop5): 1 truncate cleaned up
[  191.114672][T12401] EXT4-fs mount: 23 callbacks suppressed
[  191.120439][T12401] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  191.387143][T10109] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  191.792793][T12423] netlink: 20 bytes leftover after parsing attributes in process `syz.6.3229'.
[  192.138828][T12455] loop6: detected capacity change from 0 to 128
[  192.148249][T12455] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  192.161135][T12455] ext4 filesystem being mounted at /147/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  192.215539][T10328] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  192.235038][T12463] loop6: detected capacity change from 0 to 128
[  192.245939][T12463] syz.6.3247: attempt to access beyond end of device
[  192.245939][T12463] loop6: rw=2049, sector=145, nr_sectors = 3 limit=128
[  192.333313][T12463] syz.6.3247: attempt to access beyond end of device
[  192.333313][T12463] loop6: rw=2049, sector=161, nr_sectors = 8 limit=128
[  192.347638][T12463] syz.6.3247: attempt to access beyond end of device
[  192.347638][T12463] loop6: rw=2049, sector=177, nr_sectors = 24 limit=128
[  192.361425][T12463] syz.6.3247: attempt to access beyond end of device
[  192.361425][T12463] loop6: rw=2049, sector=209, nr_sectors = 8 limit=128
[  192.377283][T12463] syz.6.3247: attempt to access beyond end of device
[  192.377283][T12463] loop6: rw=2049, sector=225, nr_sectors = 8 limit=128
[  192.392386][T12463] syz.6.3247: attempt to access beyond end of device
[  192.392386][T12463] loop6: rw=2049, sector=241, nr_sectors = 8 limit=128
[  192.409827][T12463] syz.6.3247: attempt to access beyond end of device
[  192.409827][T12463] loop6: rw=2049, sector=257, nr_sectors = 8 limit=128
[  192.438121][T12469] team0 (unregistering): Port device team_slave_0 removed
[  192.446540][T12469] team0 (unregistering): Port device team_slave_1 removed
[  192.460826][ T3751] kworker/u8:64: attempt to access beyond end of device
[  192.460826][ T3751] loop6: rw=1, sector=161, nr_sectors = 1 limit=128
[  192.503345][T12471] bridge0: port 2(batadv1) entered blocking state
[  192.511514][T12471] bridge0: port 2(batadv1) entered disabled state
[  192.519737][T12471] batadv1: entered allmulticast mode
[  192.540164][T12471] batadv1: entered promiscuous mode
[  192.544437][T12475] loop0: detected capacity change from 0 to 512
[  192.557846][T12475] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  192.584356][T12475] ext4 filesystem being mounted at /47/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  192.598709][T12475] EXT4-fs error (device loop0): ext4_do_update_inode:5624: inode #2: comm syz.0.3253: corrupted inode contents
[  192.611248][T12475] EXT4-fs error (device loop0): ext4_dirty_inode:6509: inode #2: comm syz.0.3253: mark_inode_dirty error
[  192.623312][T12475] EXT4-fs error (device loop0): ext4_do_update_inode:5624: inode #2: comm syz.0.3253: corrupted inode contents
[  192.637089][T12475] EXT4-fs error (device loop0): ext4_do_update_inode:5624: inode #2: comm syz.0.3253: corrupted inode contents
[  192.649907][T12475] EXT4-fs error (device loop0): ext4_dirty_inode:6509: inode #2: comm syz.0.3253: mark_inode_dirty error
[  192.662030][T12475] EXT4-fs error (device loop0): ext4_do_update_inode:5624: inode #2: comm syz.0.3253: corrupted inode contents
[  192.674291][T12475] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #2: comm syz.0.3253: mark_inode_dirty error
[  192.686984][T12475] EXT4-fs error (device loop0): ext4_do_update_inode:5624: inode #2: comm syz.0.3253: corrupted inode contents
[  192.699165][T12475] EXT4-fs error (device loop0): ext4_dirty_inode:6509: inode #2: comm syz.0.3253: mark_inode_dirty error
[  192.748875][T11768] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  192.765915][T12487] loop7: detected capacity change from 0 to 1024
[  192.776194][T12487] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  192.798836][T12487] EXT4-fs error (device loop7): ext4_validate_block_bitmap:441: comm syz.7.3257: bg 0: block 88: padding at end of block bitmap is not set
[  192.895379][T11575] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  192.922999][T12503] pim6reg1: entered promiscuous mode
[  192.928449][T12503] pim6reg1: entered allmulticast mode
[  192.984562][ T3751] batman_adv: batadv1: No IGMP Querier present - multicast optimizations disabled
[  192.993924][ T3751] batman_adv: batadv1: No MLD Querier present - multicast optimizations disabled
[  193.113721][T12514] __nla_validate_parse: 5 callbacks suppressed
[  193.113742][T12514] netlink: 64 bytes leftover after parsing attributes in process `syz.7.3267'.
[  193.141976][T12518] macsec0: entered promiscuous mode
[  193.147403][T12518] bridge0: entered promiscuous mode
[  193.153661][T12518] bridge0: port 3(macsec0) entered blocking state
[  193.160993][T12518] bridge0: port 3(macsec0) entered disabled state
[  193.168419][T12518] macsec0: entered allmulticast mode
[  193.173745][T12518] bridge0: entered allmulticast mode
[  193.180029][T12518] macsec0: left allmulticast mode
[  193.180180][T12522] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=12522 comm=syz.7.3270
[  193.185928][T12518] bridge0: left allmulticast mode
[  193.197925][T12522] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=12522 comm=syz.7.3270
[  193.215900][T12518] bridge0: left promiscuous mode
[  193.324839][T12525] team1: left promiscuous mode
[  193.329663][T12525] team1: left allmulticast mode
[  193.337654][ T3740] netdevsim netdevsim6 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  193.352388][ T3740] netdevsim netdevsim6 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  193.362436][ T3740] netdevsim netdevsim6 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  193.372188][ T3740] netdevsim netdevsim6 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  193.387601][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  193.488662][T12542] netlink: 'syz.2.3279': attribute type 2 has an invalid length.
[  193.509579][T12545] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=12545 comm=syz.0.3281
[  193.523765][T12545] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=12545 comm=syz.0.3281
[  193.560320][T12547] netlink: 'syz.6.3282': attribute type 21 has an invalid length.
[  193.568564][T12547] netlink: 132 bytes leftover after parsing attributes in process `syz.6.3282'.
[  193.615063][T12554] netlink: 48 bytes leftover after parsing attributes in process `syz.6.3284'.
[  193.946371][T12563] batman_adv: batadv0: Interface deactivated: veth1_vlan
[  193.982980][T12563] veth0_vlan: left allmulticast mode
[  194.037331][T12563] geneve2: left promiscuous mode
[  194.051257][T12563] vlan2: left allmulticast mode
[  194.056280][T12563] gretap0: left allmulticast mode
[  194.064407][T12563] team0: left promiscuous mode
[  194.069229][T12563] team0: left allmulticast mode
[  194.085928][T12563] bond1: left promiscuous mode
[  194.090779][T12563] bond1: left allmulticast mode
[  194.137654][ T3751] netdevsim netdevsim2 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  194.146741][T12575] netlink: 96 bytes leftover after parsing attributes in process `syz.7.3291'.
[  194.156009][ T3751] netdevsim netdevsim2 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  194.191696][ T3751] netdevsim netdevsim2 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  194.211869][   T29] kauditd_printk_skb: 221 callbacks suppressed
[  194.211887][   T29] audit: type=1326 audit(1759803707.975:9890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12576 comm="syz.7.3292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c74cfeec9 code=0x7ffc0000
[  194.217086][ T3751] netdevsim netdevsim2 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  194.222407][   T29] audit: type=1326 audit(1759803707.975:9891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12576 comm="syz.7.3292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c74cfeec9 code=0x7ffc0000
[  194.276426][   T29] audit: type=1326 audit(1759803707.975:9892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12576 comm="syz.7.3292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=254 compat=0 ip=0x7f1c74cfeec9 code=0x7ffc0000
[  194.301518][   T29] audit: type=1326 audit(1759803707.975:9893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12576 comm="syz.7.3292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c74cfeec9 code=0x7ffc0000
[  194.326980][   T29] audit: type=1326 audit(1759803707.975:9894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12576 comm="syz.7.3292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c74cfeec9 code=0x7ffc0000
[  194.353834][   T29] audit: type=1326 audit(1759803707.975:9895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12576 comm="syz.7.3292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f1c74cfeec9 code=0x7ffc0000
[  194.377794][   T29] audit: type=1326 audit(1759803707.975:9896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12576 comm="syz.7.3292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c74cfeec9 code=0x7ffc0000
[  194.402405][   T29] audit: type=1326 audit(1759803707.975:9897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12576 comm="syz.7.3292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c74cfeec9 code=0x7ffc0000
[  194.427856][   T29] audit: type=1326 audit(1759803707.975:9898): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12576 comm="syz.7.3292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f1c74cfeec9 code=0x7ffc0000
[  194.452649][   T29] audit: type=1326 audit(1759803707.975:9899): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12576 comm="syz.7.3292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c74cfeec9 code=0x7ffc0000
[  194.599677][T12585] loop7: detected capacity change from 0 to 512
[  194.615173][T12585] EXT4-fs (loop7): mounting ext2 file system using the ext4 subsystem
[  194.659070][T12585] EXT4-fs error (device loop7): ext4_validate_block_bitmap:432: comm syz.7.3297: bg 0: block 104: invalid block bitmap
[  194.694527][T12585] EXT4-fs error (device loop7) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  194.738283][T12585] EXT4-fs error (device loop7): ext4_free_branches:1023: inode #11: comm syz.7.3297: invalid indirect mapped block 1 (level 1)
[  194.775592][T12585] EXT4-fs (loop7): 1 truncate cleaned up
[  194.788616][T12585] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  194.922672][T12608] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  194.940464][T12608] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  194.956402][T11575] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.304014][T12626] lo: left allmulticast mode
[  195.318281][T12626] tunl0: left allmulticast mode
[  195.332953][T12626] gre0: left allmulticast mode
[  195.371974][T12626] gretap0: left allmulticast mode
[  195.390233][T12626] erspan0: left allmulticast mode
[  195.398929][T12626] ip_vti0: left allmulticast mode
[  195.406872][T12626] ip6_vti0: left allmulticast mode
[  195.423385][T12626] sit0: left allmulticast mode
[  195.463148][T12626] ip6tnl0: left allmulticast mode
[  195.481855][T12626] ip6gre0: left allmulticast mode
[  195.502698][T12626] syz_tun: left allmulticast mode
[  195.528567][T12626] ip6gretap0: left allmulticast mode
[  195.536490][T12626] vcan0: left allmulticast mode
[  195.545514][T12626] bond0: left allmulticast mode
[  195.550468][T12626] bond_slave_0: left allmulticast mode
[  195.556781][T12626] bond_slave_1: left allmulticast mode
[  195.571614][T12626] team0: left allmulticast mode
[  195.576857][T12626] team_slave_0: left allmulticast mode
[  195.582430][T12626] team_slave_1: left allmulticast mode
[  195.590993][T12626] dummy0: left allmulticast mode
[  195.599535][T12626] nlmon0: left allmulticast mode
[  195.606410][T12626] caif0: left allmulticast mode
[  195.651212][T12626] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  195.663505][T12626] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  195.708589][T12626] geneve0: left allmulticast mode
[  195.728141][T12626] geneve2: left allmulticast mode
[  195.851742][T12638] bridge0: port 3(batadv1) entered blocking state
[  195.860218][T12638] bridge0: port 3(batadv1) entered disabled state
[  195.869594][T12638] batadv1: entered allmulticast mode
[  195.898124][T12638] batadv1: entered promiscuous mode
[  195.904880][ T3709] netdevsim netdevsim5 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  195.913445][ T3709] netdevsim netdevsim5 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  195.922173][ T3709] netdevsim netdevsim5 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  195.931362][ T3709] netdevsim netdevsim5 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  196.264338][ T3740] batman_adv: batadv1: No IGMP Querier present - multicast optimizations disabled
[  196.273802][ T3740] batman_adv: batadv1: No MLD Querier present - multicast optimizations disabled
[  196.422541][T12672] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3329'.
[  196.439469][T12670] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  196.442019][T12672] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3329'.
[  196.455668][T12669] tipc: Resetting bearer <eth:syzkaller0>
[  196.492733][T12669] tipc: Disabling bearer <eth:syzkaller0>
[  196.585150][T12685] netlink: 32 bytes leftover after parsing attributes in process `syz.6.3335'.
[  196.599072][T12685] netlink: 32 bytes leftover after parsing attributes in process `syz.6.3335'.
[  196.683895][T12691] loop0: detected capacity change from 0 to 1024
[  196.712092][T12691] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  196.738920][T11768] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  197.150430][T12723] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3349'.
[  197.402428][T12745] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=4 sclass=netlink_route_socket pid=12745 comm=syz.6.3359
[  197.424879][T12747] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3363'.
[  197.957801][T12785] geneve2: entered promiscuous mode
[  197.963055][T12785] geneve2: entered allmulticast mode
[  197.984768][T12788] loop0: detected capacity change from 0 to 1024
[  197.995447][T12788] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  198.157071][T12799] loop5: detected capacity change from 0 to 1024
[  198.163803][T12799] EXT4-fs: Ignoring removed orlov option
[  198.190306][T12799] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  198.387415][T12807] loop2: detected capacity change from 0 to 1024
[  198.401911][T12807] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  198.461695][T12814] __nla_validate_parse: 5 callbacks suppressed
[  198.461715][T12814] netlink: 16 bytes leftover after parsing attributes in process `syz.7.3390'.
[  198.648286][T11768] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  198.695446][T12825] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3394'.
[  198.764309][T10109] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  198.786969][T12827] serio: Serial port ptm0
[  198.793169][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  199.126294][T12846] loop2: detected capacity change from 0 to 512
[  199.136479][T12846] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  199.159178][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  199.242424][   T29] kauditd_printk_skb: 246 callbacks suppressed
[  199.242441][   T29] audit: type=1400 audit(1759803713.006:10146): avc:  denied  { name_connect } for  pid=12850 comm="syz.2.3404" dest=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=sctp_socket permissive=1
[  199.327211][T12857] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3407'.
[  199.340932][T12857] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3407'.
[  199.412263][T12859] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3408'.
[  199.431893][T12859] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3408'.
[  199.443621][T12859] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3408'.
[  199.454283][T12859] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3408'.
[  199.470480][T12859] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3408'.
[  199.479949][T12859] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3408'.
[  199.582659][T12869] loop7: detected capacity change from 0 to 512
[  199.590649][T12869] EXT4-fs: Ignoring removed mblk_io_submit option
[  199.606077][T12869] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  199.618651][T12869] ext4 filesystem being mounted at /105/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  199.635078][   T29] audit: type=1400 audit(1759803713.406:10147): avc:  denied  { mounton } for  pid=12866 comm="syz.7.3412" path="/105/file1" dev="loop7" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  199.635862][ T6087] kernel write not supported for file /237/attr/prev (pid: 6087 comm: kworker/0:14)
[  199.682590][T11575] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  199.799342][T12883] sch_tbf: burst 4398 is lower than device lo mtu (11337746) !
[  199.885504][T12890] netlink: 'syz.7.3421': attribute type 39 has an invalid length.
[  199.919445][T12894] tipc: Started in network mode
[  199.924514][T12894] tipc: Node identity f6cf22d86083, cluster identity 4711
[  199.931779][T12894] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  199.946348][T12893] tipc: Resetting bearer <eth:syzkaller0>
[  199.967674][T12893] tipc: Disabling bearer <eth:syzkaller0>
[  200.178375][T12922] loop7: detected capacity change from 0 to 128
[  200.185018][   T29] audit: type=1400 audit(1759803713.946:10148): avc:  denied  { create } for  pid=12919 comm="syz.2.3435" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  200.205416][T12922] FAT-fs (loop7): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  200.217869][   T29] audit: type=1326 audit(1759803713.986:10149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12920 comm="syz.7.3436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c74cfeec9 code=0x7ffc0000
[  200.241660][   T29] audit: type=1326 audit(1759803713.986:10150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12920 comm="syz.7.3436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1c74cfeec9 code=0x7ffc0000
[  200.263303][T12926] loop2: detected capacity change from 0 to 1024
[  200.265311][   T29] audit: type=1326 audit(1759803713.986:10151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12920 comm="syz.7.3436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c74cfeec9 code=0x7ffc0000
[  200.274693][T12926] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  200.296410][   T29] audit: type=1326 audit(1759803714.066:10152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12920 comm="syz.7.3436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1c74cfeec9 code=0x7ffc0000
[  200.331414][   T29] audit: type=1326 audit(1759803714.066:10153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12920 comm="syz.7.3436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c74cfeec9 code=0x7ffc0000
[  200.356956][   T29] audit: type=1326 audit(1759803714.066:10154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12920 comm="syz.7.3436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c74cfeec9 code=0x7ffc0000
[  200.380967][   T29] audit: type=1326 audit(1759803714.146:10155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12920 comm="syz.7.3436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1c74cfeec9 code=0x7ffc0000
[  200.410376][T12922] FAT-fs (loop7): error, invalid access to FAT (entry 0x00000100)
[  200.418272][T12922] FAT-fs (loop7): Filesystem has been set read-only
[  200.424987][T12922] syz.7.3436: attempt to access beyond end of device
[  200.424987][T12922] loop7: rw=0, sector=2065, nr_sectors = 8 limit=128
[  200.477427][T12930] tipc: Started in network mode
[  200.482381][T12930] tipc: Node identity baa1a6ddaefa, cluster identity 4711
[  200.489771][T12930] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  200.498525][T12929] tipc: Resetting bearer <eth:syzkaller0>
[  200.518251][T12929] tipc: Disabling bearer <eth:syzkaller0>
[  200.614087][T12933] geneve3: entered promiscuous mode
[  200.619371][T12933] geneve3: entered allmulticast mode
[  200.778026][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  200.842819][T12942] 8021q: adding VLAN 0 to HW filter on device bond0
[  200.855911][T12942] vlan3: entered allmulticast mode
[  200.861103][T12942] bond0: entered allmulticast mode
[  200.938617][T12948] loop2: detected capacity change from 0 to 512
[  200.966566][T12948] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  201.047949][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  201.756595][T12959] .` (unregistering): (slave dummy0): Releasing backup interface
[  201.774102][T12959] .` (unregistering): Released all slaves
[  201.814785][T12966] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=12966 comm=syz.0.3451
[  201.862266][T12974] vlan0: entered allmulticast mode
[  201.960170][T12982] loop0: detected capacity change from 0 to 1024
[  201.967544][T12982] EXT4-fs: Ignoring removed oldalloc option
[  201.974901][T12982] EXT4-fs (loop0): stripe (7) is not aligned with cluster size (16), stripe is disabled
[  201.977789][T12985] loop6: detected capacity change from 0 to 512
[  201.991417][T12985] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  202.002819][T12985] EXT4-fs (loop6): 1 truncate cleaned up
[  202.009081][T12985] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  202.010723][T12982] EXT4-fs (loop0): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  202.033592][T12982] ext4 filesystem being mounted at /101/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  202.075930][T10328] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  202.104641][T12996] loop6: detected capacity change from 0 to 2048
[  202.111698][T12996] ext4: Unknown parameter 'hash'
[  202.127331][T12996] vlan0: entered allmulticast mode
[  202.132535][T12996] bridge_slave_0: entered allmulticast mode
[  202.737155][T13091] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=4 sclass=netlink_route_socket pid=13091 comm=syz.7.3467
[  202.796468][T11768] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  202.813093][T13101] serio: Serial port ptm0
[  203.205179][T13153] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=13153 comm=syz.0.3477
[  203.275753][T13156] batadv1: left allmulticast mode
[  203.281240][T13156] batadv1: left promiscuous mode
[  203.287043][T13156] bridge0: port 3(batadv1) entered disabled state
[  203.297854][T13156] bridge_slave_1: left allmulticast mode
[  203.304460][T13156] bridge_slave_1: left promiscuous mode
[  203.310631][T13156] bridge0: port 2(bridge_slave_1) entered disabled state
[  203.319113][T13156] bridge_slave_0: left promiscuous mode
[  203.325428][T13156] bridge0: port 1(bridge_slave_0) entered disabled state
[  203.429178][T13171] loop6: detected capacity change from 0 to 1024
[  203.436160][T13171] EXT4-fs: Ignoring removed orlov option
[  203.446180][T13171] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  203.717769][T13189] __nla_validate_parse: 19 callbacks suppressed
[  203.717786][T13189] netlink: 14 bytes leftover after parsing attributes in process `syz.7.3489'.
[  203.736700][T13189] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  203.747541][T13189] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  203.760820][T13189] bond0 (unregistering): (slave dummy0): Releasing backup interface
[  203.779317][T13189] bond0 (unregistering): Released all slaves
[  203.801402][T13191] bridge: RTM_NEWNEIGH with invalid ether address
[  203.879760][T13198] netlink: 'syz.7.3492': attribute type 7 has an invalid length.
[  203.887962][T13198] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3492'.
[  203.943594][T13204] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3495'.
[  203.962229][T13206] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3496'.
[  203.964133][T13204] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3495'.
[  203.978223][T13206] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3496'.
[  204.012423][T10328] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  204.029773][T13208] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3497'.
[  204.040148][T13210] netlink: 40 bytes leftover after parsing attributes in process `syz.6.3498'.
[  204.040253][T13208] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3497'.
[  204.171957][T13224] loop5: detected capacity change from 0 to 1024
[  204.207761][T13224] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  204.230213][T13224] ext4 filesystem being mounted at /160/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  204.255025][   T29] kauditd_printk_skb: 91 callbacks suppressed
[  204.255043][   T29] audit: type=1326 audit(1759803718.026:10247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13222 comm="syz.5.3504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99985eeec9 code=0x7ffc0000
[  204.314110][   T29] audit: type=1326 audit(1759803718.056:10248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13222 comm="syz.5.3504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f99985eeec9 code=0x7ffc0000
[  204.339830][   T29] audit: type=1326 audit(1759803718.056:10249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13222 comm="syz.5.3504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99985eeec9 code=0x7ffc0000
[  204.363550][   T29] audit: type=1326 audit(1759803718.056:10250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13222 comm="syz.5.3504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99985eeec9 code=0x7ffc0000
[  204.388979][   T29] audit: type=1326 audit(1759803718.056:10251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13222 comm="syz.5.3504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f99985eeec9 code=0x7ffc0000
[  204.414337][   T29] audit: type=1326 audit(1759803718.056:10252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13222 comm="syz.5.3504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99985eeec9 code=0x7ffc0000
[  204.440412][   T29] audit: type=1326 audit(1759803718.056:10253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13222 comm="syz.5.3504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99985eeec9 code=0x7ffc0000
[  204.464373][   T29] audit: type=1326 audit(1759803718.056:10254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13222 comm="syz.5.3504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f99985eeec9 code=0x7ffc0000
[  204.488099][   T29] audit: type=1326 audit(1759803718.056:10255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13222 comm="syz.5.3504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99985eeec9 code=0x7ffc0000
[  204.512103][   T29] audit: type=1326 audit(1759803718.056:10256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13222 comm="syz.5.3504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99985eeec9 code=0x7ffc0000
[  204.522789][T13232] loop2: detected capacity change from 0 to 1024
[  204.543704][ T3709] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm kworker/u8:22: bg 0: block 393: padding at end of block bitmap is not set
[  204.543735][T13232] EXT4-fs: Ignoring removed orlov option
[  204.589607][T13234] loop7: detected capacity change from 0 to 1024
[  204.593097][ T3709] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 2050 with max blocks 1 with error 117
[  204.596466][T13234] EXT4-fs: Ignoring removed orlov option
[  204.608622][ T3709] EXT4-fs (loop5): This should not happen!! Data will be lost
[  204.608622][ T3709] 
[  204.615664][T10109] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  204.627490][T13232] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  204.648185][T13234] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  204.686180][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  204.759154][T13243] loop2: detected capacity change from 0 to 2048
[  204.804665][T13243]  loop2: p2 < > p4
[  204.826442][T13243] loop2: p4 size 262144 extends beyond EOD, truncated
[  205.263751][T13253] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3513'.
[  205.264699][T11575] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  205.362924][T13264] loop0: detected capacity change from 0 to 1024
[  205.404293][T13272] loop5: detected capacity change from 0 to 512
[  205.427133][T13272] EXT4-fs error (device loop5): ext4_iget_extra_inode:5075: inode #15: comm syz.5.3519: corrupted in-inode xattr: invalid ea_ino
[  205.475515][T13272] EXT4-fs error (device loop5): ext4_orphan_get:1397: comm syz.5.3519: couldn't read orphan inode 15 (err -117)
[  205.509956][T13272] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  205.679048][T13291] loop0: detected capacity change from 0 to 1024
[  205.686295][T13291] EXT4-fs: Ignoring removed orlov option
[  205.694355][T13291] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  205.946173][T13306] loop6: detected capacity change from 0 to 1024
[  205.954310][T13306] EXT4-fs: Ignoring removed oldalloc option
[  205.961068][T13306] EXT4-fs (loop6): stripe (7) is not aligned with cluster size (16), stripe is disabled
[  205.976793][T13291] ==================================================================
[  205.984918][T13291] BUG: KCSAN: data-race in generic_buffers_fsync_noflush / writeback_single_inode
[  205.994154][T13291] 
[  205.996511][T13291] write to 0xffff88811a1e9bb0 of 4 bytes by task 13294 on cpu 1:
[  206.004244][T13291]  writeback_single_inode+0x150/0x3f0
[  206.009633][T13291]  sync_inode_metadata+0x5b/0x90
[  206.014589][T13291]  generic_buffers_fsync_noflush+0xd9/0x120
[  206.020510][T13291]  ext4_sync_file+0x1ab/0x690
[  206.025257][T13291]  vfs_fsync_range+0x10d/0x130
[  206.030095][T13291]  ext4_buffered_write_iter+0x34f/0x3c0
[  206.035775][T13291]  ext4_file_write_iter+0x387/0xf60
[  206.040998][T13291]  iter_file_splice_write+0x663/0xa60
[  206.046377][T13291]  direct_splice_actor+0x153/0x2a0
[  206.051533][T13291]  splice_direct_to_actor+0x30f/0x680
[  206.056927][T13291]  do_splice_direct+0xda/0x150
[  206.061719][T13291]  do_sendfile+0x380/0x650
[  206.066144][T13291]  __x64_sys_sendfile64+0x105/0x150
[  206.071376][T13291]  x64_sys_call+0x2bb4/0x3000
[  206.076067][T13291]  do_syscall_64+0xd2/0x200
[  206.080577][T13291]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  206.086506][T13291] 
[  206.088838][T13291] read to 0xffff88811a1e9bb0 of 4 bytes by task 13291 on cpu 0:
[  206.096475][T13291]  generic_buffers_fsync_noflush+0x80/0x120
[  206.102391][T13291]  ext4_sync_file+0x1ab/0x690
[  206.107066][T13291]  vfs_fsync_range+0x10d/0x130
[  206.111839][T13291]  ext4_buffered_write_iter+0x34f/0x3c0
[  206.117402][T13291]  ext4_file_write_iter+0x387/0xf60
[  206.122612][T13291]  iter_file_splice_write+0x663/0xa60
[  206.127982][T13291]  direct_splice_actor+0x153/0x2a0
[  206.133205][T13291]  splice_direct_to_actor+0x30f/0x680
[  206.138588][T13291]  do_splice_direct+0xda/0x150
[  206.143353][T13291]  do_sendfile+0x380/0x650
[  206.147778][T13291]  __x64_sys_sendfile64+0x105/0x150
[  206.152985][T13291]  x64_sys_call+0x2bb4/0x3000
[  206.157673][T13291]  do_syscall_64+0xd2/0x200
[  206.162190][T13291]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  206.168170][T13291] 
[  206.170505][T13291] value changed: 0x00000070 -> 0x00000002
[  206.176236][T13291] 
[  206.178563][T13291] Reported by Kernel Concurrency Sanitizer on:
[  206.184714][T13291] CPU: 0 UID: 0 PID: 13291 Comm: syz.0.3526 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  206.194535][T13291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  206.204598][T13291] ==================================================================
[  206.216291][T13306] EXT4-fs (loop6): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  206.228623][T13306] ext4 filesystem being mounted at /211/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  206.252624][T10109] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  206.305060][T11768] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  206.781731][T10328] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0006-0000-000000000000.